issuing CA
E724320
An issuing CA is a certificate authority server that actually issues and manages digital certificates to clients and devices, typically operating beneath a root or policy CA in a public key infrastructure.
Statements (46)
| Predicate | Object |
|---|---|
| instanceOf |
certificate authority role
ⓘ
public key infrastructure component ⓘ |
| associatedWith |
certificate revocation infrastructure
ⓘ
registration authority ⓘ |
| canBe |
enterprise CA
ⓘ
online CA ⓘ private CA ⓘ public CA ⓘ |
| hasKeyType | CA private key ⓘ |
| hasRole | issuing certification authority ⓘ |
| implements |
PKI policies
ⓘ
X.509 standard NERFINISHED ⓘ |
| isBelowInHierarchy |
policy CA
ⓘ
root CA ⓘ |
| isSignedBy |
intermediate CA
ⓘ
root CA ⓘ |
| issues |
client certificates
ⓘ
device certificates ⓘ digital certificates ⓘ end-entity certificates ⓘ server certificates ⓘ |
| manages | digital certificates ⓘ |
| mayBeHostedOn | dedicated CA server ⓘ |
| mayBeProtectedBy | hardware security module ⓘ |
| mayLog |
certificate issuance events
ⓘ
certificate revocation events ⓘ |
| mustComplyWith | certificate policy constraints ⓘ |
| mustProtect | CA private key ⓘ |
| operatesUnder |
policy CA
ⓘ
root CA ⓘ |
| partOf | public key infrastructure ⓘ |
| performs |
certificate enrollment
ⓘ
certificate renewal ⓘ certificate revocation ⓘ |
| publishes | certificate revocation lists ⓘ |
| responsibleFor |
binding identities to public keys
ⓘ
certificate lifecycle management ⓘ |
| signs |
certificate signing requests
ⓘ
end-entity public keys ⓘ |
| supports | online certificate status protocol ⓘ |
| usedIn |
TLS deployments
ⓘ
VPN infrastructures ⓘ enterprise authentication systems ⓘ |
| uses |
certificate policies
ⓘ
certificate practice statements ⓘ certificate templates ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.