The Local CVCA sub-module will list all the Local CVCAs registered in ADSS Server. The certificates generated with the purpose 'Country Verifying CA (CVCA)' within Key Manager are listed in this module that can be configured as Local CVCAs. In order to create certificates with CVCA purpose, click here.

Note that this sub-module will only be displayed if you have the E-Passport CVCA license. 

Navigate to the screen below to view the list of registered Local CVCAs:  

By clicking the New/Edit button, the following screen will be shown where Local CVCA(s) can be configured:

The items in the above screen are described below:

Items

Description

CA Certification Settings:

Defines the following: 

Status

A CVCA may be marked either Active or Inactive. As suggested by its name, an Inactive CVCA will not be used to issue/rekey certificates until its status is changed to Active.

CA Friendly Name

An operator-defined unique name for easy management of CVCA within ADSS Server. This is only for human identification purposes and not used within the certification request/response messages.

Description

This can be used to describe the CVCA in more detail (e.g. in which circumstances will this CVCA will be used). This is for information purposes only.

CA Certificate

The drop-down menu will only show the certificates within the ADSS Key Manager that were given a purpose of Country Verifying CA (CVCA) when they were created.

Select the certificate that you want to configure as a CVCA. This CVCA will be used as the certificate issuer. 

Certificate Validity Settings:

This option is used to define the validity time/date procedure of a certificate according to the issuer's certificate validity date/time. The possible values are:

  • Issue the Certificate
    Select this option if you wish to issue the target certificate beyond the CVCA's expiry date.
  • Use CA's Expiry Date/Time
    By selecting this option, ADSS Server will set the CVCA's expiry date (Valid To) in the target certificate (Valid To) if user the requested certificate's validity period will be beyond the CVCAs expiry date.
  • Return Error
    When this option is selected then an error message will be returned if the requested certificate's expiry date is beyond the CVCA's expiry date.

Note: If the provided time period for a requested certificate is not beyond the CVCA's expiry, then the target certificate will be generated using the provided date/time regardless of which option is selected.

Publish Issued Certificates:

Defines the following: 

Publish to File System

After issuing a certificate using the configured CA, the certificate can be published to File System by entering the required path in Directory File Path field. 


Ensure all the configuration are saved by clicking on 'Save' button.


By clicking the 'View Certificate' button, the following screen will be shown where the contents of the CVCA will be displayed:


Issued Certificates 

By clicking on the Issued Certificate button after selecting a CVCA, the following screen will be displayed where all the certificates issued by this CVCA are shown:

This screen shows certificates issued by this CVCA via Key Manager, Certification Service and Manual Certification modules.


You can select a certificate, and then either View, Suspend, Active or Delete it. A certificate can be suspended by clicking on the 'Suspend' button and can be reactivated later by using the 'Active' button. A selected certificate can be removed from the certificates list by clicking on Delete button. Clicking on the Search button on Issued Certificates main page will display following screen:



If "_" character is used in the search then it will act as wildcard.


See also

Local CAs

View CRLs
External CAs
Local AAs
Local DVCAs
Manual Certification
Certificate Templates
CV Certificate Template
Alerts