Information Database

The Database, Control Centre & CRL

PDF The Digi-CA™ This module is used for storing:

  • information about the Digi-CA™ Certificate Structure
  • user information
  • Certificate data
  • billing information (if included)

The database is SQL based and by default the system is installed with MySQL database server. At an additional cost, the Administrator can define what database to use (PostGRE SQL, Oracle®, DB2®, SQL Server®, Websphere®, etc).

Based on information stored in the database, the system generates requests for creation, suspension (if enabled) and revoking of Digi-ID™ certificates to the Digi-CA™ Certificate Engine core.

The Digi-CA™ Directory stores Digi-ID™ Certificates and user data according to current international RFC standards. The schemas used are core, cosine and internetperson. The schemas are stored in a directory. Access to the directory is available through an LDAP compatible client.

Digi-CA™ Control Centre

    The Digi-CA™ Control Centre is the Administrators’ interface for controlling the day-to-day operation of the Digi-CA™ system. The Digi-CA™ Control Centre provides all of the deployment and life cycle management functions of the Digi-IDs™ and any other Digital Certificates the system issues. One or more Administrators can manage the Digi-CA™ Control Centre. Depending on the level of security required, Administrators must be authenticated using Digi-Access™, Digi-Card™, Digi-Token™ and/or a biometric reader.

Digi-CA™ CRL

    Digi-CA™ uses the x.509 standard Certificate Revocation List [CRL] format so that Digi-ID™ information can be made publicly available at a designated web address. This is the repository for all issued Digi-IDs™ and enables integration of Digi-IDs™ into third party or custom applications an easy task.

    Recent ANSI, ETSI and ICAO guidelines have recommended the use of Online Certificate Status Protocol [OCSP] for certain environments. Offering OCSP as a service can cause considerable traffic on your network and should only be considered where there is a statutory or compliance requirement.

    In all other cases, the CRL service is the preferred method of communicating the status of the Digi-ID™.