Securing the user certification process
Certificates are one of the main components of advanced security. Because the certification process itself must be secure, several aspects of the Certificate Manager contribute to secure certification.
Only a CA who logs on with the CA password can issue and revoke user certificates.
Each user certificate consists of two files, a public certificate file and a corresponding private key file. These must be decrypted with the user’s password before the user can gain access to the system. The file set for each user certificate is unique.
User certificates must be created on the computer that runs the Certificate Manager. They cannot be created remotely.
User and public certificate files are stored in an encrypted form.
Private key files can be created on the computer that runs the Certificate Manager or on end-user computers.
- If private key files are created on the computer that runs the Certificate Manager, then the public certificate files and private key files must be distributed manually to all the computers that run clients.
- If private key files are created on end-user computers, then they can be incorporated into certificate requests. These can be encrypted and emailed to the security administrator, then decrypted and used to generate user certificates, which can in turn be emailed back to the end-users.
Certificates can be revoked by the security administrator. A CRL (Certificate Revocation List) is stored on the computer that runs the Certificate Manager, and checked whenever a user attempts to log in. A user whose certificate is on the CRL cannot complete the log-in.
If a CRL expires, then no one can log in to any client without the CA password. Only the security administrator can log in until the CRL is refreshed.
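The two CRL rules above (a certificate on the CRL is refused, and an expired CRL refuses everyone except a login with the CA password) as an added example that is not part of this documentation or of the Certificate Manager's own code: a small Python model of the login decision, a hypothetical refresh routine, and a monitoring check that shows how close a site is to the lockout. All serial numbers and dates are constructed sample values.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from enum import Enum

class Decision(Enum):
    ALLOW = "allow"
    DENY_REVOKED = "deny: certificate is listed on the CRL"
    DENY_CRL_EXPIRED = "deny: CRL expired, only a login with the CA password is accepted"

@dataclass(frozen=True)
class Crl:
    this_update: datetime
    next_update: datetime       # the CRL counts as expired from this instant on
    revoked_serials: frozenset  # serial numbers of revoked user certificates

def login_decision(serial: int, crl: Crl, now: datetime, has_ca_password: bool = False) -> Decision:
    """Apply the two CRL rules: an expired CRL refuses everyone except a login carrying
    the CA password, and a certificate listed on a current CRL is refused."""
    if now >= crl.next_update:
        return Decision.ALLOW if has_ca_password else Decision.DENY_CRL_EXPIRED
    if serial in crl.revoked_serials:
        return Decision.DENY_REVOKED
    return Decision.ALLOW

def revoke_and_refresh(crl: Crl, serial: int, now: datetime, validity=timedelta(days=7)) -> Crl:
    """Hypothetical CA action: add a serial and publish a fresh CRL with a new next_update."""
    return Crl(now, now + validity, crl.revoked_serials | {serial})

def days_until_crl_expiry(crl: Crl, now: datetime) -> float:
    """Monitoring check: zero or negative means the site-wide lockout is already in effect."""
    return (crl.next_update - now) / timedelta(days=1)

def demo() -> dict:
    """Constructed sample data: serial 0x1001 is revoked, the CRL is valid 7 days from t0."""
    t0, day = datetime(2024, 1, 1, tzinfo=timezone.utc), timedelta(days=1)
    crl = Crl(t0, t0 + 7 * day, frozenset({0x1001}))
    fresh = revoke_and_refresh(crl, 0x2002, t0 + 8 * day)   # CA refreshes on day 8
    return {
        "valid_user": login_decision(0x2002, crl, t0 + day).value,
        "revoked_user": login_decision(0x1001, crl, t0 + day).value,
        "expired_crl": login_decision(0x2002, crl, t0 + 8 * day).value,
        "expired_crl_with_ca_password": login_decision(0x2002, crl, t0 + 8 * day, True).value,
        "after_refresh": login_decision(0x3003, fresh, t0 + 9 * day).value,
        "newly_revoked": login_decision(0x2002, fresh, t0 + 9 * day).value,
        "days_before_lockout": days_until_crl_expiry(crl, t0 + 6 * day),
    }
```

Scheduling the CRL refresh well before `next_update` (and alerting on `days_until_crl_expiry`) is what prevents the "only the security administrator can log in" state from occurring by accident.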