...
The X-Road operator defines trusted CAs on the Central Server by:
Adding root and intermediate (optional) certificates.
Defining the OCSP responder URL of the CA.
Defining the certificate profile info provider Java class – a class that knows how to read/write the required information from/to certificates.
| Info |
|---|
Every Certificate Authority (CA) has a certificate profile that defines what information is stored in what fields in the certificate. More information about certificate profiles is available here. |
From the X-Road’s point of view a trusted CA may be:
Commercial, globally trusted CA.
Any self hosted CA fulfilling the X-Road’s technical requirements, e.g. EJBCA open source software.
However, the type of the CA (globally trusted vs. self hosted) may affect the legal value of the Security Server message logs.
Related articles
| Filter by label (Content by label) | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
...
|
| Page Properties | ||
|---|---|---|
| ||
|