The ICAO PKD Download Settings will be configured in order to download DS Certificates, Master List's (containing Foreign CSCA Certificates) and CRLs from ICAO PKD. Once downloaded, the data will be stored in ADSS NPKD Service which can later be provided to Inspection Systems on request. Here polling settings will also be configured to define the time interval for automatic download of the required data from ICAO PKD.

To configure ICAO PKD Download Settings, navigate to the following screen in ADSS Server console:

The configuration items are as follows: 

Items

Description

ICAO PKD Server Address

The Address of the ICAO PKD LDAP Server on which the data will be uploaded.

List of ICAO PKD Server Address

The Addresses can be added in the List of ICAO PKD Server Address by clicking on Add button. The list of IP addresses will be displayed in this field.

Port

Enter the port for LDAP Server, the default port is 10636.

Bind DN/User

The distinguished name or user ID used to bind.

Password

The password used to bind.

Use TLS Client Authentication

If this option is enabled, ADSS NPKD Service will communicate with the ICAO LDAP Server over TLS Client Authentication. Select the TLS Client Certificate which pre-exists in the Key Manager. The operator can select the certificate from the list of available certificates by clicking on drop-down appears when it is enabled.

Note: It is required to register the Issuer CA of the TLS Client Authentication Certificate in Trust Manager with the purpose CA for verifying TLS client certificates

ICAO PKD Polling Settings

Defines the following: 

Retrieve Data from ICAO PKD

This field defines the number of minutes after which data from ICAO PKD would be retrieved.  

Retry if connection fails

If the connection has failed, this field defines the number of minutes after which NPKD will try to establish communication with ICAO PKD to retrieve the data.  

Download Non-conformant Objects

This check allows us to download all the non-conformant (not comply with iCAO standard) objects from ICAO PKD. 

Download data from ICAO PKD

This checkbox enables the operator to download multiple objects from ICAO PKD including:

  • Master Lists.
  • CRLs
  • DS Certificates


Ensure that all the configurations are saved by clicking on 'Save' button.


Once the required configurations are done, the operator need to set the base path in order to download data from ICAO PKD. To set the base path, click here


See also

Step 1- Configuring ICAO PKD Upload Settings
Step 3 - Registering Business Application
Step 4 - Using the Service Manager