Home | SOAP Tools | UDDI Browser | ResourcesSource Code | RFCs | News Reader  | SOAP Interop | Bookmarks 

  

PKI - XML Web Services

Introduction

This is a set of XML web services for PKI. It greatly simplifies PKI operations and managements  by exposing Certificate Authority functionality as SOAP services. It is an ideal software component for hosting your own private CA in an enterprise environment. The XML web services are based on the popular OpenSSL with the following extensions:

  • Certificates information is stored in an ODBC database instead of the flat text file as in OpenSSL. This makes it suitable for large scale deployment.
  • All PKI operations in openssl.exe are reengineered into a dynamically linked library, which is thread-safe and supports multiple concurrent users..
  • Service generated private keys are encrypted using Microsoft DPAPI (Data Protection API).
  • The services include a simple registration agent (RA).

The services support the following PKI operations:

  • Issue: The operation generates public/private key pair and signs a Certificate Signing Request (CSR) based on user provided information. It returns the signed certificate and the private key.
  • SignCSR: The operation signs a Certificate Signing Request in PEM format and returns the signed certificate.
  • GenerateRequest: The operation creates a Certificate Signing Request (CSR) based on user provided information.
  • Revoke: The operation invalidates a previously issued certificates.
  • Validate: The method validates a specified certificate and  verifies CA trust chain.

Usage

The web service operations are defined by WSDL file at http://soapclient.com/xml/certService.wsdl. You can access the services using our Generic SOAP Client. SQLData has implemented a powerful XKMS Client for performing PKI operations using standard web service interfaces.

Note: The carriage return characters in the returned certificate are significant. If you use a web browser to access the services, please use view source command of the browser,  and then cut and copy the returned certificate or key information in PEM format.

Acknowledgment:


This product includes software developed by the OpenSSL Project  for use in the OpenSSL Toolkit (http://www.openssl.org/).


Copyright 1997-2011 SQLData System, Inc  All rights reserved.

Comments, or suggestions? Send to info2 at sqldata.com

This site is powered by SQLData SOAP Server