Digi-Sign, The Certificate Corporation
Published on Digi-Sign, The Certificate Corporation (https://www.digi-sign.com)


By Digi-Sign
Created Feb 22 2008 - 13:23

Management Architecture

CSG™ Services & Apache Modular Architecture

The CSG™ acts as a gateway between the DSSA™ [2] client and the Digi-CA™ [3] System. In addition to receiving requests from DSSA™ clients, it can communicate with the Digi-CA™ System during the same connection session.

There are several development approaches to this architecture, and the AACD™ developers have different recommendations. The current approach uses an Apache 2.x web server and builds an Apache C module that handles all requests from the DSSA™ clients.

To act as a client when communicating with the Digi-CA™ System, the CSG™ Apache module uses a cURL C API that provides the mechanisms for secure SSL/TLS communications. This allows the CSG™ module to receive requests from the DSSA™ clients, communicate with the Digi-CA™ System and respond to the DSSA™ clients within a single communication session.


CSG™ Interface & Interfacing DSSA™ Client Access Management

The CSG™ has a web-based interface, in addition to the SSH operating system interface, that allows the administrator to manage the CSG™ configuration and to permit or deny DSSA™ clients (remember that every DSSA™ is autonomous, see sub section 2.5.3). The panel provides the following functions:

  • SSL/TLS Client Authentication based administrator login utilizing X.509 digital Certificates
  • module status report
  • log viewer
  • network interface configuration
  • appliance restart/reboot
  • appliance shutdown
  • default configuration restoration
  • software/firmware upgrade
  • configuration backup
  • configuration restoration
  • DSSA™ client management:
      a. removal of DSSA™ clients
      b. revocation of DSSA™ clients (by revoking the DSSA™ client Certificates)
      c. suspension/disabling of DSSA™ clients (by suspending the DSSA™ client Certificates)
      d. forcing a DSSA™ client Certificate renewal on next DSSA™ client connection
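
The four client-management actions above imply an admission decision that the gateway makes for each connecting DSSA™ client before anything is forwarded to the Digi-CA™ System. The following is an added example, not Digi-Sign code: the type names, `gw_admit`, `gw_reinstate` and the serial numbers are hypothetical, and it assumes the gateway keys its client registry on the certificate serial and denies any serial it does not know.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical states mirroring the panel actions: suspend, revoke, force renewal. */
typedef enum { CERT_ACTIVE, CERT_SUSPENDED, CERT_REVOKED } cert_state;
typedef enum { REQ_SERVICE, REQ_RENEW } req_type;
typedef enum { GW_ALLOW, GW_DENY, GW_RENEW_REQUIRED } gw_decision;

typedef struct {
    const char *serial;        /* certificate serial as hex text (constructed) */
    cert_state  state;
    int         force_renewal; /* set by the administrator, one-shot */
} dssa_client;

/* Constructed sample registry; a removed client simply has no entry. */
static dssa_client registry[] = {
    { "0A01", CERT_ACTIVE,    0 },
    { "0A02", CERT_SUSPENDED, 0 },
    { "0A03", CERT_REVOKED,   0 },
    { "0A04", CERT_ACTIVE,    1 },
};

static dssa_client *find_client(const char *serial) {
    if (serial == NULL) return NULL;
    for (size_t i = 0; i < sizeof registry / sizeof registry[0]; i++)
        if (strcmp(registry[i].serial, serial) == 0) return &registry[i];
    return NULL;
}

/* Decide before forwarding to the CA; unknown or non-active clients fail closed. */
gw_decision gw_admit(const char *serial, req_type req) {
    dssa_client *c = find_client(serial);
    if (c == NULL || c->state != CERT_ACTIVE)
        return GW_DENY;               /* removed, revoked or suspended */
    if (c->force_renewal) {
        if (req != REQ_RENEW)
            return GW_RENEW_REQUIRED; /* only a renewal request may pass */
        c->force_renewal = 0;         /* cleared once the renewal is admitted */
    }
    return GW_ALLOW;
}

/* Suspension is reversible, revocation is not. Returns 0 on success, -1 otherwise. */
int gw_reinstate(const char *serial) {
    dssa_client *c = find_client(serial);
    if (c == NULL || c->state != CERT_SUSPENDED) return -1;
    c->state = CERT_ACTIVE;
    return 0;
}

int main(void) { return gw_admit("0A03", REQ_SERVICE) == GW_DENY ? 0 : 1; }
```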



The interface uses the PHP scripting language along with an Apache web server for hosting the DSSA™ web-based panel application. In addition, the AACD™ has a variety of OpenSSL PKI [4] cryptographic functions, implemented as C extensions for the PHP language, that control and manage a typical basic PKI environment, a role for which the CSG™ is well suited.


Source URL: https://www.digi-sign.com/aacd/csg/architecture%20management

Links:
[1] https://www.digi-sign.com/downloads/download.php?id=aacd-digi-ssl-pdf
[2] https://www.digi-sign.com/aacd/daemon+server+side+application
[3] https://www.digi-sign.com/aacd/certificate+service+gateway
[4] https://www.digi-sign.com/public+key+infrastructure