Cryptlib implements full X.509 certificate support, including all X.509 version 3 extensions as well as extensions defined in the IETF PKIX certificate profile. Cryptlib also supports additional certificate types and extensions including SET certificates, Microsoft AuthentiCode and Netscape and Microsoft server-gated crypto certificates, Identrus certificates, S/MIME and SSL client and server certificates, SigG extensions, and various vendor-specific extensions such as Netscape certificate types and the Thawte secure extranet.
In addition to certificate handling, Cryptlib allows the generation of PKCS #10 certification requests with CMMF extensions and CRMF requests suitable for submission to certification authorities (CAs) in order to obtain a certificate. Since Cryptlib is itself capable of processing certification requests into certificates, it is also possible to use Cryptlib to provide full CA services.
Cryptlib implements the CMP protocol which fully automates the management of certificates, allowing online certificate enrolment, issue, update/replacement, and revocation of certificates. Using CMP removes from the user any need for technical knowledge of certificate management, since all details are managed by the CA.
Cryptlib also supports the creating and handling of the certificate chains required for S/MIME, SSL, and other applications, and the creation of certificate revocation lists (CRLs) with the capability to check certificates against existing or new CRLs either automatically or under programmer control. In addition to CRL-based revocation checking, Cryptlib also supports online status protocols such as OCSP.
Applications | Architecture | Pricing | Contact Us | Clients | FAQ | References