Definition - What does Certificate Authority Server mean?
A certificate authority server (CA server) offers an easy-to-use, effective solution to create and store asymmetric key pairs for encrypting or decrypting as well as signing or validating anything that depends on a public key infrastructure (PKI).
The certificate authority server generates a root certificate for digitally signing other certificates; generating PKI key pairs; and also signing firmware updates, code as well as other items that require a digital signature.
Certificate authority servers can manage certificate enrollment requests from customers, and are able to issue and revoke digital certificates. All CA Servers are built to address the identity management requirements. By leveraging PKI, organizations can efficiently safeguard their users’ identities. This provides the users with robust e-mail signing and encryption, network authentication, and wireless network access.
Although different CA servers offer different features, most of them offer some or all of the following features:
Conforms to RFC 5280
Permits creation of root as well as subordinate issuer CAs
Supports various logical PKIs comprised of CAs with their own certificate signing keys
Offers potential to set up various certificate profiles
Supports various configurable certificate templates, such as SSL server or client, email signing or encryption, EV SSL, DRM, IPSec, TSA certificates, code signing, and so on
Offers straightforward server-side and client-side key generation
Supports LDAP/HTTP publication and X.509 CRL issuance
CWA 14167-1 certified security management to guarantee qualified CA services
Supports Hardware Security Module (HSM) centered CA private key storage and processing
Offers RSA certificate signing
Offers ECDSA certificate signing
Supports various hash algorithms
High resilience, availability, and throughput capability
Makes use of solid access control and operator authentication