Home > ADSS NPKD Service > Configuring the NPKD Service > Step 2 - Configuring ICAO PKD Download Settings

Step 2 - Configuring ICAO PKD Download Settings

The ICAO PKD Download Settings will be configured in order to download DS Certificates, Master List's (containing Foreign CSCA Certificates) and CRLs from ICAO PKD. Once downloaded, the data will be stored in ADSS NPKD Service which can later be provided to Inspection Systems on request. Here polling settings will also be configured to define the time interval for automatic download of the required data from ICAO PKD.  

To configure ICAO PKD Download Settings, navigate to the following screen in ADSS Server console:

The configuration items are as follows: 

 Item  Description
ICAO PKD Server Address The Address of the ICAO PKD LDAP Server on which the data will be uploaded.
List of ICAO PKD Server Address The Addresses can be added in the List of ICAO PKD Server Address by clicking on Add button. The list of IP addresses will be displayed in this field.
Port Enter the port for LDAP Server, the default port is 10636.
Bind DN/User The distinguished name or user ID used to bind.
Password The password used to bind.
Use TLS Client Authentication If this option is enabled, ADSS NPKD Service will communicate with the ICAO LDAP Server over TLS Client Authentication. Select the TLS Client Certificate which pre-exists in the Key Manager. The operator can select the certificate from the list of available certificates by clicking on dropdown appears when it is enabled.

Note: It is required to register the Issuer CA of the TLS Client Authentication Certificate in Trust Manager with the purpose CA for verifying TLS client certificates
ICAO PKD Polling Settings Defines the following: 
Retrieve Data from ICAO PKD This field defines the number of minutes after which data from ICAO PKD would be retrieved.  
Retry if Disconnects If the connection has failed, this field defines the number of minutes after which NPKD will try to establish communication with ICAO PKD to retrieve the data.  
Download Non-conformant Objects This check allows us to download all the non-conformant (not comply with iCAO standard) objects from ICAO PKD. 
Download The Download checkbox enables the operator to download multiple objects from ICAO PKD including:
  • Master Lists 
  • CRLs 
  • DS Certificates 


Ensure that all the configurations are saved by clicking on 'Save' button.
Once the required configurations are done, the operator need to set the base path in order to download data from ICAO PKD. To set the base path, click here

See also

Step 1- Configuring ICAO PKD Upload Settings
Step 3 - Registering Business Application
Step 4 - Using the Service Manager