ADSS XKMS Service
ADSS XKMS Service module provides advanced certificate validation services compliant with the W3C XKMS and PEPPOL validation protocol. A relying party can make requests to ADSS XKMS Service for certificate status checks. ADSS XKMS Server checks that the target certificate is trusted as per RFC 5280 validation policies, i.e. it is issued by a trusted CA, expiry, revocation, existence of particular key usages & extended key usages etc.
ADSS XKMS Server excels because of its scalability, resilience and ability. You can define the certificate validation profile for different validation schemes and validation policy for non-registered CAs. You can also enable the caching of CRLs, certificates in order to optimise the performance. The attention to detail in security management including optional dual control of specific features, management reporting and transaction log views of validation information, are in advance of anything seen elsewhere and these aspects are key to minimising operational time and costs.
The following image shows XKMS Service sub-modules, details of which are given in the next sections:
The following sections describe how to configure the ADSS XKMS Service.
See also
Getting Started
Concepts & Architecture
ADSS RA Service
ADSS Certification Service
ADSS Signing Service
ADSS Go>Sign Service
ADSS RAS Service
ADSS SAM Service
ADSS CSP Service
ADSS TSA Service
ADSS Verification Service
ADSS OCSP Monitor
ADSS OCSP Service
ADSS SCVP Service
ADSS LTANS Service
ADSS HMAC Service
ADSS Decryption Service
ADSS OCSP Repeater Service
ADSS NPKD Service
ADSS SPOC Service
Manage CAs
Key Manager
Trust Manager
ADSS CRL Monitor
Global Settings
Access Control
Client Manager
System Log Viewer
Server Manager
Approval Manager
Operational Management
Advanced Configuration