Key Management Options

Certificate Key Management Options

The production of any digital certificate, from any provider, uses the same x.509 elements and the method that is used to inextricably link the key-pair to the certificate we call the ‘Binding Option’. There are two different Binding Options that can be used when generating digital certificates and each one produces an inherently different CA environment.

With Digi-CA™, you can choose what type of Binding Option you prefer once you have a clear understanding of your environment and the affect of your choice. Digi-CA™ refers to the Binding Options as Disposable or Renewable and classifies the options in two distinctly different certificates:

With Digi-CA™, you can choose the Disposable Certificate Binding Option most frequently used in Legacy CAs or you can use the more modern Binding Option that creates the Renewable Certificate.

Disposable Certificates

The Disposable Binding Option stipulates that every time you require a new certificate, you need both a new key-pair and a new certificate. Once the certificate expires, you simply dispose of it and issue a new certificate (i.e. a new key-pair and a new certificate are issued every time). The certificate that uses this type of Disposable Binding Option is referred too as a disposable certificate

Renewable Certificates

The Renewable Binding Option stipulates that you keep the original key-pair and only need a new certificate for the renewal. Once the certificate expires, you simply need a new certificate to renew it (i.e. only a new certificate is issued every time). The certificate that uses this type of Renewable Binding Option is referred too as a Renewable Certificate.

Certificate Application

The Renewable Binding Option stipulates that you keep the original key-pair and only need a new certificate for the renewal. Once the certificate expires, you simply need a new certificate to renew it (i.e. only a new certificate is issued every time). The certificate that uses this type of Renewable Binding Option is referred too as a Renewable Certificate.