CSP Validation Authority is an on-premises solution for checking the validity status of issued certificates before their expiration date. When deployed on PKI Hub, this Entrust solution adds the following to the Base installation integration report.
Certificate Authorities supported by Validation Authority
Entrust CA is currently the only issuing Certificate Authority supported by Validation Authority.
Hardware secure modules supported by Validation Authority
See the following table for supported versions.
Hardware | Client driver | Firmware |
|---|---|---|
Entrust nShield Connect XC | 13.7.3 (FIPS 140-2 Level 3 mode supported) | 12.60.15 & 12.60.2 |
Entrust nShield 5c | 13.7.3 | 13.2.4 |
Thales Luna HSM 7 | 10.8.0 | 7.7.1-20 |
When integrating a Hardware Security Module (HSM):
- You do not need to install the client drivers because the solution already includes this software. However, these client drivers cannot be updated.
- You cannot use HSMs from different providers simultaneously, meaning that nShield and Thales HSMs cannot coexist within the same deployment.
- You can only use 1/N card sets. A card set of, for example, 2/5 cards is not supported.
- Changing the settings of an Entrust nShield HSM requires the steps described in Administrating nShield HSM integration.
Databases supported by Validation Authority
Validation Authority is tested with the following external databases.
Database vendor | Version |
|---|---|
PostgreSQL | 15 |
Oracle | 21.3.0-xe |
Microsoft SQL Server | 2019-CU15-ubuntu-20.04 |
2022-CU13-ubuntu-22.04 |