How to Set Up a Test CA with OCSP and TSA?

The X-Road core includes Central Server, Configuration Proxy (optional) and Security Server. When setting up an X-Road environment, trust services that include a CA with OCSP and TSA are required in addition to the X-Road core. The CA is used for issuing certificates to Security Servers (authentication certificates) and to X-Road member organizations (signing certificates). See also: What kind of keys and certificates the Security Server has?

Trust services can be provided by commercial trust service providers, a trusted certification authority and a trusted time-stamping authority. Alternatively, it is possible to use open source tools. When setting up a test or development environment using open source tools should be sufficient solution. When setting a production level environment,  a trusted certification authority and a trusted time-stamping authority are usually required.

The official documentation for setting up a test CA with TSA and OCSP is available at

N.B. When the test CA is used, the class below must be defined as the Certificate Profile Info provider on the Central Server when adding an approved certification service: