Owner's & Users Manual

Digi-CA™ Owners & Users Manual (on line)
Dual Server Digi-CA™ Server Xp Technical Diagram

The following technical installation diagram outlines a typical network requirement to run and operate a dual server Digi-CA™ Server Xp system without an HSM. The backup server is optional.

Digi-CA™ the complete Certificate Authority [CA] system

Single Server Digi-CA™ Server Xs Technical Diagram

The following technical installation diagram outlines the typical network requirement to run and operate a single server Digi-CA™ Server Xs system without an HSM. The backup server is optional.

Digi-CA™

As is the case with sub section 5.4, Digi-CA™ offers the capability to completely localise all interfaces, help files and user screens into your local language(s). This is particularly important to organisations where English is not used. It is also possible to have multiple interfaces with multiple languages for the same system. The following two samples show the Digi-CA™ Control Centre screen in Chinese and the user enrollment screen where users can apply for a certificate in Turkish.

The Digi-CA™ is probably the most flexible and capable CA system available in the market today. Unlike the other Legacy CAs, Digi-CA™ takes advantage of the many advances in technology over the past seven years and you benefit by getting the flexible, cost effective and easily integrated CA system you need.

X.509 and cryptographic standards make it impossible for two identical certificates to be issued from the same Digi-CA™. Every certificate is unique.

A person’s ‘proof of identity’ can be proven using various traditional methods. For example: private information that only that specific person could know; a letter from a notary, lawyer, accountant, employer or Peace Commissioner identifying that person; bank, passport, national ID card or insurance number; eye scan, fingerprint, biometrics; etc. Every person is unique.

MIME Technology

Digital Signatures and message encryption for email messages are implemented directly in the email client software, following the S/MIME standard.

Both S/MIME message encryption and Digital Signatures are based on encryption technologies. Message body encryption creates a completely unreadable message body and Digital Signature. The diagram below shows how the encryption process generates a one-time Symmetric Key (also called a Session Key) that encrypts the message body.

All certificate revocations are initiated either by the user or by the Administrator. Revocations are required for a number of reasons, for example:

The Steps for Issuing an End Entity Certificate

Proof of Identity – When the end user first applies for the certificate, in most cases they must prove their identity. The information or documents required to provide ‘proof of identity’ are decided by the issuing authority and may include official papers and/or other documents. The precise requirement will be clearly identified in the CP.

Application Form - An application form must be completed.

Processes used in issuing an End Entity Certificate

A standard process for issuing an end entity certificate involves the following stages:

- Using the Digi-CA™ RAMC, the Administrator initiates a certificate invitation email message that is sent to the intended recipient (user);

- The recipient (user) enters the online certificate application form using the URL provided in the invitation email message;