The ADSS Key Manager module is used by operators to:

  • Generate key pairs for various purposes in either Software or Hardware Device (HSM, Smartcard, USB Token).
  • Define key templates for keys generated in hardware crypto sources.
  • Define certificate templates.
  • Import keys and certificates from PKCS#12/PFX containers.
  • Import public keys and certificates from hardware devices, Azure Key Vault, AWS Cloud HSM and/or MSCAPI.
  • Export software keys and certificates in PKCS#12/PFX format.
  • Generate self-signed certificates.
  • Create certificate purposes.
  • Create certificate templates for CV certificates used in E-Passports.
  • Generate CVCA and DVCA certificates for E-Passports.
  • Get public keys certified through the ADSS Server Local CA.
  • Enable automatic certificate renewal.
  • Generate PKCS#10 (Certificate Signing Requests) for public keys to be certified via external online or offline CAs.
  • Create Certificate Groups for certificates held in configured hardware crypto sources and MSCAPI.
  • Specify a default Distinguish Name to use in certificates and certificate request messages.
  • Define automated alerts to warn about certificate expiry.
  • Destroy keys that are no longer required.


The following image shows the Key Manager sub-modules, details of which are given in the next sections:

See also

ADSS Server Knowledge Base

Welcome

Getting Started
Concepts & Architecture
ADSS RA Service
ADSS Certification Service
ADSS Signing Service
ADSS Go>Sign Service
ADSS RAS Service
ADSS SAM Service
ADSS CSP Service
ADSS TSA Service
ADSS Verification Service
ADSS OCSP Monitor
ADSS OCSP Service
ADSS SCVP Service
ADSS XKMS Service
ADSS LTANS Service
ADSS HMAC Service
ADSS Decryption Service
ADSS OCSP Repeater Service
ADSS NPKD Service
ADSS SPOC Service
Manage CAs
Key Manager
Trust Manager

TSL Monitor
ADSS CRL Monitor
Global Settings
Access Control
Client Manager
System Log Viewer
Server Manager
Approval Manager
Operational Management
Advanced Configuration