What is a Validation Authority?

Back to Wiki

A PKI Validation Authority (VA) provides validation of PKI certificates.

Certificate validation services can include access to Certificate Revocation Lists (CRL), Online Certificate Status Protocol (OCSP) and CA chain certificate downloads.

The validation of certificates is one of the cornerstones of PKI

Since certificates can not only be issued, but also revoked, it is necessary that the certificate validity is confirmed before trusting a certificate. That is where the Validation Authority comes in.

How the Validation Authority works with the Certificate Authority

The issuing Certificate Authority is responsible for feeding the Validation Authority with certificate status updates based on the defined policy.

With CRLs, you are dependent on the issuance of a list of the revoked digital certificates by each related certificate authority (CA).

For true online certificate validation, an OCSP Responder service can be more convenient. Using a back-end-storage, a Validation Authority can request the certificate status and update it immediately upon certificate revocation.

Read more about Validation Authority:
EJBCA® Validation

Validation Authority hardware appliance

How can we help?

  • Hidden
    I accept that PrimeKey stores my information, and I accept cookies for analysis and business identification. Read more about cookies and privacy policy here.
Contact us