
Z1 CertServer

Getting Started
March 4, 2015

Z1BB 1/3

Contents
1. Introduction
1.1. Z1 CertServer: Overview
1.2. Advantages

2. Features
2.1. Z1 CertServer Environment
2.2. End User Clients
2.3. Administration Client
2.4. External Services

A. Disclaimer and Copyright

1. Introduction
1.1. Z1 CertServer: Overview
Z1 CertServer is a database-driven application for storage and administration of X.509 certificates, X.509 Certificate Revocation Lists (CRLs) and PGP keys. It is designed for customers
using an X.509 or PGP public key infrastructure. Z1 CertServer provides central access to
their own as well as their communication partners' keys and certificates. Z1 CertServer is
a Zertificon Solutions GmbH product. Please refer to http://www.zertificon.com/ for more
information.

1.2. Advantages
These are Z1 CertServer's main advantages:
- Central storage and administration of X.509 certificates, X.509 CRLs and PGP keys.
- Single point of access to certificates and keys.
- External search features for certificates and keys on any public LDAP server or PGP keyserver.
- Validation service for X.509 certificates.
- Integration of a hierarchical trust model for PGP keys.
- SOAP interface for simple integration into business applications.

2. Features
Public key infrastructures (PKIs) are at the root of secure e-business on the Internet. Moreover,
this technology makes it possible to protect content sent by email from being seen by third parties without genuine authorization. Finally, it provides a means of checking the integrity of messages
transmitted via the Internet by electronic signature.
Z1 CertServer noticeably simplifies PKI usage. It provides complex PKI functions such as
retrieval, validation and management of both X.509 and PGP certificates. As far as possible,
Z1 CertServer carries out such tasks centrally, transparently and automatically for end
users and applications.

2.1. Z1 CertServer Environment

Figure 2.1.: Z1 CertServer Environment

Z1 CertServer queries any publicly reachable TrustCenter and its LDAP directories or PGP
keyservers during certificate requests. It furthermore checks CRL distributors and OCSP services to ensure a certificate's validity. Applications with an integrated Z1 CertServer Client
can access the device over a secure HTTPS connection. Connectivity is provided by the
Z1 CertServer Client API, which also supports wireless connections to handle requests from mobile
devices.

2.2. End User Clients


Z1 CertServer's interface supports any type of client or application. Below is a list of the clients
most commonly used for access to Z1 CertServer:
- Z1 SecureMail Gateway: From the perspective of Z1 CertServer, Z1 SecureMail Gateway is a client connecting through the Z1 CertServer Client API. For more information about Z1 SecureMail Gateway, please refer to its product documentation.
- End User Web Client: A user web client targeting regular end users may be set up as well, although such a client should be restricted to receiving, validating and importing user certificates only.
- Mobile Clients: Wireless devices may connect as clients to Z1 CertServer as well.

2.3. Administration Client


For configuration adjustments and maintenance of settings, Z1 CertServer contains a dedicated
administration interface. It is accessed over an HTTPS-secured connection using any common web browser, and allows full administration and configuration of the software.

2.4. External Services


Moreover, Z1 CertServer can be used with the external services listed below:
- PGP Keyservers: Z1 CertServer can retrieve public PGP keys from all PGP keyservers registered inside the application. For this, the PGP-HKP protocol is used.
- Directory Services: Z1 CertServer retrieves regular X.509 user certificates from the directory services registered inside the application. For this, the LDAP protocol is used.
- DNS: Z1 CertServer retrieves X.509 domain certificates stored by Z1 SecureMail users from the Domain Name System. This occurs via common DNS calls.
- CRL services: To validate X.509 certificates, Z1 CertServer needs up-to-date CRLs. These are regularly gathered from CRL services and synchronized with application data.
- OCSP services: Z1 CertServer is equipped with a feature for retrieving certificate revocation information in real time. For this, the OCSP protocol is used.

A. Disclaimer and Copyright


These manuals are subject to copyright. Without prior written agreement all rights, especially
of translation, reprinting, storage and electronic processing are reserved to Zertificon Solutions
GmbH http://www.zertificon.com. All information inside these manuals exclusively serves
information purposes and can be changed without prior announcement. Zertificon Solutions
GmbH http://www.zertificon.com/ assumes no liability for any omissions and misrepresentations and consequentially resulting damages.
