Owner's & Users Manual

Digi-CA™ Owners & Users Manual (on line)
Digi-CA™ the complete Certificate Authority [CA] system
Service Overview
Digi-CA™ Overview

There are four consoles in the Digi-CA™ system, namely:

Error! Reference source not found.   CAMC   www.digi-sign.com/digi-ca/camc
Delivery & Storage Examples
Fused Storage

Fused User Protected Storage

In the case where the end entity certificates is stored in the Microsoft Internet Explorer certificate Store of the Desktop Profile for the user, there is an option in the Digi-CA Sever™ system to offer further security levels by enabling the User Protected setting. Depending on the CP, this can be offered to the end user as an option or it can be enforced. The security levels are:


For end entity certificates there are two different Storage Types and several devices that need careful consideration when choosing how your certificates will be deployed. The correct selection is critical to the ease of operation combined with the level of security you need to achieve.

Certificate Delivery

Digi-CA™ has different delivery options for each digital certificate it produces. The most common use for Digi-CA™ is to deliver end entity certificates. Prior to the installation of the Digi-CA™, the CP is documented and this determines what Method of Delivery is used for issuing a digital certificate.

Certificate Application

Digi-CA™ has different certificate application options for each type of digital certificate it produces. In low volume situations, such as SSL certificates, the application process is conducted manually. Alternatively, when issuing thousands of client certificates to end users, part or all of the application process can be automated.

The three application options are completely manual, completely automated or partial automation, as required.

Certificate Key Management Options

The production of any digital certificate, from any provider, uses the same x.509 elements and the method that is used to inextricably link the key-pair to the certificate we call the ‘Binding Option’. There are two different Binding Options that can be used when generating digital certificates and each one produces an inherently different CA environment.


The issue of Key Management is an important consideration when selecting any CA system. To understand the importance of this subject, you must first understand the real difference between the key-pair and the certificate. The key-pair is used to provide the authentication and the unique identity of the end user. The certificate, that is used to sign this key-pair, tells you that it is valid and ‘not out of date’. Together the key-pair and the certificate create the ‘package’ that makes up the digital certificate.

Digi-CA™ Selection Guidelines

The simplest way to select the correct Digi-CA™ for your organisation is to decide how many users you have (or in some cases the number of physical devices you need to identify). This should include employees, customers, partners or suppliers and the individual people that work in each of these areas that you wish to issue a digital certificate [Digi-ID™] too.