The ADSS RA Service receives and manages certificate signing requests (CSRs, also known as PKCS#10/ CSRs) from end-entities that can include human users, web servers, network devices and other entities. The ADSS RA Service also receives and manages certificate revocation requests. Such requests can be received:
through industry standard SCEP protocol, or
through a web service interface, or
through ADSS Go>Sign Service and Applet.
Requests that are successfully accepted and processed are passed to the identified Certificate Authority (CA) for action. The ADSS RA Service will receive a response from the CA and will provide the appropriate response to the requester.
Some of the striking functionalities of ADSS RA Service are:
Registering the details of all the end-entities that request certificates
Allowing the requests for certificates to be approved or rejected by using either automated (configurable) processes, or by using manual processes with trusted RA Operators
Communicating with the relevant CA to obtain certificates, and then providing suitable means of their delivery to the requesting end-entities
Managing the certificate renewal process which may follow different workflow depending on the end-entity capabilities
Managing the certificate revocation process which may be initiated by the certificate owner or a trusted RA Operator
The way ADSS RA service carries out these tasks may vary depending on whether human users are being registered or whether entities such as networking devices, software applications or web servers are being registered. The following pages describe these processes. The ADSS RA Service home page is shown below: