The Local DVCA sub-module will list all the Local DVCAs registered in ADSS Server. The certificates generated with the purpose 'Document Verifying CA (DVCA)' within Key Manager are listed in this module that can be configured as Local DVCAs. In order to create certificates with DVCA purpose, click here.

Note that this sub-module will only be displayed if you have the E-Passport DVCA license. 

Navigate to the screen below to view the list of registered Local DVCAs:  

By clicking the New/Edit button, the following screen will be shown where Local DVCA(s) can be configured:

The items in the above screen are described below:

Items

Description

CA Certification Settings:

Defines the following: 

Status

A DVCA may be marked either Active or Inactive. As suggested by its name, an Inactive DVCA will not be used to issue/rekey certificates until its status is changed to Active.

CA Friendly Name

An operator-defined unique name for easy management of DVCA within ADSS Server. This is only for human identification purposes and not used within the certification request/response messages.

Description

This can be used to describe the DVCA in more detail (e.g. in which circumstances will this DVCA will be used). This is for information purposes only.

CA Certificate

The drop-down menu will only show the certificates within the ADSS Key Manager that were given a purpose of Document Verifying CA (DVCA) when they were created.

Select the certificate that you want to configure as a DVCA. This DVCA will be used as the certificate issuer. 

Certificate Validity Settings:

This option is used to define the validity time/date procedure of a certificate according to the issuer's certificate validity date/time. The possible values are:

  • Issue the Certificate
    Select this option if you wish to issue the target certificate beyond the DVCA's expiry date.
  • Use CA's Expiry Date/Time
    By selecting this option, ADSS Server will set the DVCA's expiry date (Valid To) in the target certificate (Valid To) if the requested certificate's validity period will be beyond the DVCA's expiry date.
  • Return Error
    When this option is selected then an error message will be returned if the requested certificate's expiry date is beyond the CVCA's expiry .

Note: If the provided time period for a requested certificate is not beyond the DVCA's expiry, then the target certificate will be generated using the provided date/time regardless of which option is selected.

Publish Issued Certificates:

Defines the following: 

Publish to File System

After issuing a certificate using the configured CA, the certificate can be published to File System by entering the required path in Directory File Path field.


Ensure all the configuration are saved by clicking on 'Save' button.


By clicking the 'View Certificate' button, the following screen will be shown where the contents of the DVCA will be displayed:


Issued Certificates 

By clicking on the Issued Certificate button after selecting a DVCA, the following screen will be displayed where all the certificates issued by this DVCA are shown:

This screen shows certificates issued by this DVCA via Key Manager, Certification Service and Manual Certification modules.


You can select a certificate, and then either View, Suspend, Active or Delete it. A certificate can be suspended by clicking on the 'Suspend' button and can be reactivated later by using the 'Active' button. A selected certificate can be removed from the certificates list by clicking on Delete button. Clicking on the Search button on Issued Certificates main page will display following screen:


If "_" character is used in the search then it will act as wildcard.



See also

Local CAs

View CRLs
External CAs
Local AAs
Local CVCAs
Manual Certification
Certificate Templates
CV Certificate Template
Alerts