Validation Authority is an on-premises solution for checking the validity status of issued certificates before their expiration date. When deployed on Cryptographic Security Platform, this Entrust solution adds the following to the Base installation integration report.
Certificate Authorities supported by Validation Authority
Entrust CA is currently the only issuing Certificate Authority supported by Validation Authority.
Hardware secure modules supported by Validation Authority
Validation Authority supports the following Hardware Secure Modules (HSM).
Hardware | Client driver | Firmware |
---|---|---|
Entrust nShield Connect XC | 13.9.0 (FIPS 140-2 Level 3 mode supported) | 12.60.15 & 12.60.2 |
Entrust nShield 5c | 13.9.0 | 13.2.4 |
Thales Luna HSM 7 | 10.8.0 | 7.7.1-20 |
When integrating a Hardware Security Module (HSM):
- You do not need to install the client drivers because the solution already includes this software. However, these client drivers cannot be updated.
- You cannot use HSMs from different providers simultaneously, meaning that nShield and Thales HSMs cannot coexist within the same deployment.
- You can only use 1/N card sets. A card set of, for example, 2/5 cards is not supported.
- Changing the settings of an Entrust nShield HSM requires the steps described in Administrating nShield HSM integration.
Signature key generation algorithms supported by Validation Authority
Validation Authority supports the following algorithms for generating the OCSP response signing key.
<key_type> | Description | Post-quantum |
---|---|---|
RSA2048 | RSA 2048 bits |
|
RSA3072 | RSA 3072 bits |
|
RSA4096 | RSA 4096 bits |
|
ECDSAP256 | ECDSA curve NIST P-256 |
|
ECDSAP384 | ECDSA curve NIST P-384 |
|
ECDSAP521 | ECDSA curve NIST P-521 |
|
ML-DSA-44 | Module-Lattice-Based Digital Signature Algorithm 44-bit |
|
ML-DSA-65 | Module-Lattice-Based Digital Signature Algorithm 65-bit |
|
ML-DSA-87 | Module-Lattice-Based Digital Signature Algorithm 87-bit |
|
Database management systems supported by Validation Authority
Cryptographic Security Platform solutions support the following database management systems (DBMS).
Solution | Oracle | PostgreSQL | Microsoft SQL Server |
---|---|---|---|
Certificate Authority |
| 15+ |
|
Certificate Manager |
| 15+ | |
Validation Authority | 21.3.0 | 15+ | 2019 CU15 |
2022 CU13 | |||
Certificate Enrollment Gateway | 15+ | 2019+ | |
2022+ |