V-CA Certificate Management and Issuance Solution
V-CA is a high-performance Certificate Management and Issuance solution with high customization capabilities. V-CA provides a full set of features and components of a PKI system, including OCSP, RA Service, Publisher... forming a complete and comprehensive PKI system.
Additionally, V-CA has the following distinctive points:
- Provides the ability to build CAs at multiple levels, unlimited in quantity.
- Supports RSA algorithm with key lengths up to 4096 bits.
- Supports DSA algorithms with key lengths up to 1024 bits.
- Supports hash functions like MD5, SHA-1, SHA-256.
- Certificates issued strictly comply with X509 standards.
- Strict compliance with Vietnamese legal regulations such as Decree 130; Circular 06…
Solution intended for:
- Organizations providing Public Digital Signature Authentication services (ViettelCA, VNPTCA, FPTCA…)
- Organizations providing dedicated Electronic Signature, Digital Signature services such as Banks like Aribank, Vietcombank, ACB…
The overall model of V-CA is as follows:
(Overview model of the V-CA solution)
Description of V-CA Components
Component | Function Description |
---|---|
CA | - Supports RSA algorithm with key lengths up to 4096 bits. - Supports DSA algorithms with key lengths up to 1024 bits. - Supports ECDSA algorithms. - Supports hash functions like MD5, SHA-1, SHA-256. - Certificates issued strictly comply with X509 standards. - Additionally, one can choose the type of publisher they want such as LDAP, dynamic directories (AD - Active Directory) or a self-made publisher connection. - Certificate issuance always adheres to X509 standards. - Certificate issuance can be self-signed, external CA (meaning root CA and sub CAs), or administrative CA. - Issued in formats such as p12, JKS, PEM - Supports LDAP, automatic CRL updates |
RA | - Registration Authority (RA) verifies registration information for end entities. Web supports customer profile entry, approval, and digital certificate generation. |
TMS (public, private) |
Service interacting with USB token management software communicating with the system. Functions: - Issues new, renews digital certificates. - Locks, unlocks USB Tokens. - Supports other customer support tasks (certificate download, notifications…) |
RA Service | Service supporting issuance, renewal, revocation, reissuance of digital certificates |
Token manager client | Software managing digital certificates, USB tokens on customer machines. Functions: - Issues new, renews digital certificates. - Locks, unlocks USB Tokens. - Imports digital certificates, supporting digital signing libraries, USB communication on customer machines. - Supports other customer support tasks (certificate download, system notifications…) |