EJBCA Validation Authority

EJBCA OCSP Validation Authority. A validation authority (VA) is an entity that provides services used to validate certificates.

On-line real time certificate validation server

On-line certificate validation is efficiently achieved through the use of the EJBCA OCSP Responder — PrimeKey’s high performance, scalable Validation Server, based upon the OCSP standard. Unlike some other responders, EJBCA OCSP is capable of providing real time certificate validation.

True on-line certificate validation

You don’t have to wait for issuance of CRLs when working with a true on-line certificate validation system like the EJBCA OCSP Server. Using a relational database as back-end storage, EJBCA OCSP can immediately update certificates information upon certificates revocation.  One can even issue millions of inactive certificates that can later on be activated – something virtually impossible using traditional methods.

CRL versus OCSP

Deploying certificate infrastructures, users have to be provided the right means to verify certificate validity. This is usually done by means of Certificate Revocation Lists. However, where the use of CRLs are inconvenient or inadequate, organizations may opt to use the EJBCA OCSP responders.

PKI independent

The EJBCA OCSP Responder can provide certificate validation services for any PKI, including EJBCA. The PKI independence arises from the fact that the OCSP responder is a stand-alone component, fed and updated with certificate status information from the Certificate Authority.

Platform independent, flexible and robust

Based on the same Java EE platform as EJBCA PKI, the OCSP responder features the same platform independence, flexibility and robustness as EJBCA PKI.

Enterprise scalability

EJBCA OCSP responder has support for the leading HSMs and allows easy and reliable clustering. This ensures linear scalability – thus achieving breathtaking performance. It is even possible to shut down a node for maintenance, while other nodes continue to answer requests.

The EJBCA OCSP responder contains a built-in monitoring facility, ensuring that the responder is functioning properly at all times.

Audit and logging

In order to support a wide range of business models, the OCSP responder has highly configurable audit and transaction logging capabilities. If there is a need to charge your customers making requests or to keep requests and responses for audit –  EJBCA OCSP responder will satisfy your demands!



Read more: pdf-icon

Contact us to discuss your needs for a Validation Authority: sales@primekey.se

EJBCA® is a registered trademark of PrimeKey Solutions AB.