For business applications relying on PKIs the process of trusting digital certificates is complex. It requires the ability to locate certificates from online resources in order to construct a valid certificate path to one or more trust anchors. Once a certificate path is successfully constructed it then needs to be subjected to a multi-step validation process, where many fields and extensions inside each certificate in the path are reviewed and validated according to a complex set of PKI rules.
ADSS SCVP Server provides all of the above functionality in a centralised manner. This allows business applications to delegate all of the responsibility for certificate path discovery and validation to this trusted Validation Authority. This greatly simplifies development of business applications that rely on PKIs, by hiding all the inherent complexity
ADSS SCVP Server
Able to validate certificates in complex bridge CA and mesh PKI environments, enabling multiple PKIs to interoperate without the need for cross-certify.
Configure separate validation profiles, with each profile defining its own trust anchors and DPD and DPV settings.
Dynamically build certificate paths using either information held within certificates (e.g. AIA cert issuer field) or from pre-configured LDAP repositories. Receiving intermediate certificates within request message as well as pre-registered on server is also supported. Each SCVP profile defines which of these options to use. ADSS SCVP Server has been subjected to independent evaluation and certification against the latest NIST Path Discovery test suite.
Ascertia provide an SCVP service which complies with IETF RFC 5055 and RFC 3379 for delegated path discovery (DPD) and delegated path validation (DPV) of digital certificates. In this demo you can verify any X.509 Certificate. The free service is configured with a list of Certificate Authorities (CAs).