Digital Certificate Validation for Leading Web and Application Servers

VA Server Validator is a flexible client application that enables digital certificate validation on the most widely used secure Web servers and Web application servers available on UNIX, Windows, and Apple platforms, including:

  • Apache
  • Oracle Application Server
  • Red Hat Stronghold
  • BEA WebLogic
  • IBM Lotus Domino
  • Sun Web Server

VA Server Validator utilizes the native interfaces of these Web and application servers to add digital certificate validation functionality as part of the product’s PKI-based client authentication. Working as a plug-in, Server Validator can query a VA Server (or any other standards-based digital certificate validation responder) using a variety of protocols, or utilize a Certificate Revocation List (CRL) to determine the status of a digital certificate presented by a client. Clients with revoked, invalid or expired certificates are denied access to the server or application.

Server Validator enables digital certificate validation either via standard protocol queries to a VA Server (or other standards-based responder) or via CRL lookups. The reliability and performance of CRL lookups can be greatly improved by using VA Server together with the Axway VACRL protocol to distribute CA- or VA-manufactured CRLs and delta CRLs to the application servers on which Server Validator is enabled.

Robust security and non-repudiation

Server Validator is Certificate Authority (CA)-neutral and can process CRL data from multiple CA or VA sources to support complex trust models and certificate policy controls for path processing and policy enforcement. It will perform end-to-end certificate validation if one or more intermediate CAs are used and the validation policy requires a complete certificate chain validation.

Server Validator can communicate securely with VA Server using SSL/TLS, and can digitally sign requests to the VA Server for deployments that require a high degree of auditability and non-repudiation. Server Validator also supports cryptographic hardware security modules (HSMs) via the standard PKCS #11 interface, including FIPS 140-2 Level 3 and Level 4 modules, which can be used to accelerate digital signing and SSL/TLS operations.

Validation caches

Server Validator provides two separate, configurable validation caches. One is an in-memory repository of the results of all certificate validation requests, regardless of the validation mechanism used. The other is a disk-resident CRL repository. Caching parameters, including the time-to-live of responses and the total size of the cache, can be adjusted to the requirements of a specific deployment. Caching improves performance and increases reliability in environments where the underlying network is not always available. Server Validator also offers a robust failover mechanism for querying multiple VA Servers or CRL repositories.
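The behaviour this section describes (a response cache with a time-to-live, an ordered failover list of CRL sources, and denial of revoked or expired certificates) is illustrated by the following added example. It is not Axway code: the CRL is modelled as a set of revoked serial numbers with a nextUpdate time, the certificate as issuer, serial and notAfter, and a certificate whose status cannot be established from any source is treated as "unknown" and denied, which is a fail-closed assumption of this example rather than a documented product setting.

```python
import time
from dataclasses import dataclass, field


@dataclass
class Cert:
    issuer: str
    serial: int
    not_after: float  # Unix time at which the certificate expires


@dataclass
class CrlSource:
    """A constructed stand-in for one CRL repository (hypothetical)."""
    name: str
    revoked: set = field(default_factory=set)  # revoked serial numbers
    next_update: float = 0.0                   # CRL nextUpdate (Unix time)
    reachable: bool = True                     # simulates network outage

    def fetch(self, now):
        if not self.reachable:
            raise ConnectionError(self.name)
        if now > self.next_update:
            raise ValueError("stale CRL from " + self.name)  # never trust an expired CRL
        return self.revoked


class Validator:
    def __init__(self, sources, ttl):
        self.sources = sources  # queried in failover order
        self.ttl = ttl          # seconds a cached status stays valid
        self.cache = {}         # (issuer, serial) -> (status, expires_at)

    def status(self, cert, now=None):
        now = time.time() if now is None else now
        if now > cert.not_after:
            return "expired"                       # no lookup needed
        key = (cert.issuer, cert.serial)
        hit = self.cache.get(key)
        if hit and hit[1] > now:
            return hit[0]                          # fresh cache entry
        for src in self.sources:
            try:
                revoked = src.fetch(now)
            except (ConnectionError, ValueError):
                continue                           # fail over to next source
            result = "revoked" if cert.serial in revoked else "good"
            self.cache[key] = (result, now + self.ttl)
            return result
        return "unknown"                           # every source failed


def allow(validator, cert, now=None):
    """Grant access only on a definitive 'good' status (assumed fail-closed)."""
    return validator.status(cert, now) == "good"
```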

Automatic configuration

Server Validator can be configured automatically using parameters obtained from one or more Axway VA Servers, so that administrators do not have to fetch the signing credentials of each instance by hand. This integration greatly simplifies operating Server Validator in large-scale application deployments.

The Validation Authority Suite also includes:

  • Validation Authority Server, a high-performance multi-platform server that processes client digital certificate status queries using a variety of protocols, including OCSP, SCVP, CMP and VACRL.
  • Desktop Validator, a flexible client application that enables Microsoft Windows-based desktop and server applications to validate digital certificates via the Microsoft Cryptographic API (CAPI).
  • Validator Toolkit, a complete set of certificate validation functions, source code examples and reference manuals that enables certificate validation integration into commercial or custom applications developed in C/C++ or Java.