This is a set of XML web services for PKI. It greatly
simplifies PKI operations and managements by exposing
Certificate Authority functionality as SOAP services. It is an
ideal software component for hosting your own private CA in an
enterprise environment. The XML web services are based on the
popular OpenSSL with the
- Certificates information is stored in an ODBC database
instead of the flat text file as in OpenSSL. This makes it
suitable for large scale deployment.
- All PKI operations in openssl.exe are reengineered into a
dynamically linked library, which is thread-safe and supports
multiple concurrent users..
- Service generated private keys are encrypted using Microsoft
DPAPI (Data Protection API).
- The services include a simple registration agent (RA).
The services support the following PKI operations:
- Issue: The operation generates public/private key
pair and signs a Certificate Signing Request (CSR) based on
user provided information. It returns the signed certificate
and the private key.
- SignCSR: The operation signs a Certificate Signing
Request in PEM format and returns the signed certificate.
- GenerateRequest: The operation creates a Certificate
Signing Request (CSR) based on user provided information.
- Revoke: The operation invalidates a previously issued
- Validate: The method validates a specified
certificate and verifies CA trust chain.
The web service operations are defined by WSDL file at http://soapclient.com/xml/certService.wsdl.
You can access the services using our Generic
SOAP Client. SQLData has implemented a powerful
for performing PKI operations using standard web service
Note: The carriage return characters
in the returned certificate are significant. If you use a web
browser to access the services, please use view source command
of the browser, and then cut and copy the returned
certificate or key information in PEM format.
This product includes software developed by the OpenSSL Project
for use in the OpenSSL Toolkit (http://www.openssl.org/).