2023-12-18
EJBCA implements the concept of the Validation Authority (VA). The VA plays a crucial role in determining the current validity of certificates. Unlike issuing or revoking certificates, the VA validates them by furnishing a Certificate Revocation List (CRL) for the Certificate Authority (CA). Alternatively, the EJBCA VA supports the Online Certificate Status Protocol (OCSP), offering real-time certificate status checks compared to the scheduled generation of CRLs. When queried, the EJBCA VA promptly responds to OCSP requests, indicating whether a certificate is valid, revoked, or unknown. In a Public Key Infrastructure (PKI), multiple VAs can be linked to each CA to ensure access to comprehensive certificate validation services.
Learn how to get started with CRLs with the EJBCA VA.
Learn how to Get started with OCSP functionality and the EJBCA VA.
Building a PKI architecture with EJBCA
Understanding the EJBCA concepts, including the Validation Authority