Key Terminology and how it applies to ManageSecure®
PKI = Public Key Infrastructure
A public key infrastructure consists of a certificate authority, and a group of users that trust the certificate authority to issue certificates for the purpose
of identifying or authorizing users in the network. Typically a PKI also contains tools to locate, manage, and revoke certificates.
Certificate
A certificate is a binary file that contains some information about the user (such as the users distinguished name), and a signature by a trusted party
(e.g., certificate authority). Certificates in ManageSecure conform to X.509 stanadard. X.509 certificates can be processed by any standard browser or
web-server.
Certificate Request
A certificate request is a binary (or ASCII encoded) file that contains information needed by the certificate authority to generate a certificate. Certificate
requests can be generated from the ManageSecure browser based form, or from the ManageSecure admin client, or from within the IIS webserver (in
this last case, the certificate request is only used for generating a web-server certificate).
CRL = Certificate Revocation List
A certificate revocation list is a file that contains a list of certificate sequence numbers of those certificates that have been revoked, along with a
signature by a trusted party (e.g., Certificate Authority). CRLs in ManageSecure conform to the X.509 standard.
LDAP = Lightweight Directory Access Protocol
LDAP is a standard way to organize information using a hierarchical data
model and to query this information. ManageSecure allows you to publish/
query certificates to/from an LDAP directory, including Microsoft Windows
Active Directory, which implements the LDAP standard.