Validation Authority is an on-premises solution for checking the validity status of issued certificates before their expiration date. When deployed on Cryptographic Security Platform, this Entrust solution adds the following to the Base installation integration report.

Certificate Authorities supported by Validation Authority

Entrust CA is currently the only issuing Certificate Authority supported by Validation Authority. 

Hardware secure modules supported by Validation Authority

Validation Authority supports the following Hardware Secure Modules (HSM).

Hardware

Client driver

Firmware

Entrust nShield Connect XC

13.9.0  (FIPS 140-2 Level 3 mode supported)

12.60.15 & 12.60.2

Entrust nShield 5c

13.9.0

13.2.4

Thales Luna HSM 7

10.8.0

7.7.1-20

When integrating a Hardware Security Module (HSM):

  • You do not need to install the client drivers because the solution already includes this software. However, these client drivers cannot be updated.
  • You cannot use HSMs from different providers simultaneously, meaning that nShield and Thales HSMs cannot coexist within the same deployment.
  • You can only use 1/N card sets. A card set of, for example, 2/5 cards is not supported.
  • Changing the settings of an Entrust nShield HSM requires the steps described in Administrating nShield HSM integration.

Signature key generation algorithms supported by Validation Authority

Validation Authority supports the following algorithms for generating the OCSP response signing key.

<key_type>

Description

Post-quantum

RSA2048

RSA 2048 bits

(error) 

​RSA3072

RSA 3072 bits

(error) 

RSA4096

RSA 4096 bits

(error) 

ECDSAP256

ECDSA curve NIST P-256

(error) 

ECDSAP384

ECDSA curve NIST P-384

(error) 

ECDSAP521

ECDSA curve NIST P-521

(error) 

ML-DSA-44

Module-Lattice-Based Digital Signature Algorithm 44-bit

(tick) 

ML-DSA-65

Module-Lattice-Based Digital Signature Algorithm 65-bit

(tick) 

ML-DSA-87

Module-Lattice-Based Digital Signature Algorithm 87-bit

(tick) 

Database management systems supported by Validation Authority

Cryptographic Security Platform solutions support the following database management systems (DBMS).

Solution

Oracle

PostgreSQL

Microsoft SQL Server

Certificate Authority

(error) 

15+

(error) 

Certificate Manager

(error)  

15+

(error)

Validation Authority

21.3.0

15+

2019 CU15

2022 CU13

Certificate Enrollment Gateway

(error)

15+

2019+

2022+