SSL Certificate Managed PKI Personal ID MyTRUST MyKAD ID SSL VPN Managed Security Services VeriSign Certified Training Application Development
WhitePapers PKI Glosary Brochures

 

  Support - SSL
 
FAQ - Managed PKI for SSL
 
   What are Server IDs?
   What is VeriSign Managed PKI™ for SSL?
   What can I use Managed PKI for?
   Benefits and Features of Managed PKI?
   How do I use Managed PKI to approve, reject, or revoke subscriber certificates?
   How do my End Users enrol for their Secure Server IDs?
   How is Managed PKI for SSL upgraded?
   Can Managed PKI Issue IPSEC or Client certificates?
   How does Certificate Revocation work?
   How do I Purchase Managed PKI for SSL?



What are Server IDs?

On the Internet, businesses need a way to ensure their corporate communications (whether for Internet, Intranet, or Extranet purposes) are secured. These days the most convenient and reliable means to ensure authenticated, encrypted communications between clients and servers is via the use of Digital Certificates and the Secure Sockets Layer protocol. When a browser and a server conduct a session using SSL:
1.
The browser can be assured that the server belongs to a recognised organization (e.g. the browser can automatically determine that it is really talking www.abc.com, a server run by ABC corporation, and not to an imposter)
2.
The server can, optionally, authenticate the client
3.
All communication that flows between the browser and the server is encrypted.

VeriSign Secure Server IDs work with over 50 brands of Web Server Software, including Microsoft IIS, Netscape Enterprise, C2Net Stronghold Apache, Lotus Domino, and Tand iTP Webserver. VeriSign public label server IDs are instantly recognised by 98% of the installed base of web browsers, making establishment of SSL sessions quick and painless for visitors to your site. For more information on VeriSign Secure Server IDs, SSL, and web security, please click here
[back to top]


What is VeriSign Managed PKI™ for SSL?

VeriSign Secure Server IDs have proven to be the right solution for over 55,000 organizations trying to secure their intranet, internet, and extranet communications. However, for many large sites, obtaining, coordinating, renewing, and managing Digital IDs for a large number of servers has proven to be problematic.

Managed PKI for SSL allows you to issue and manage customized corporate certificates using our world-class certificate technology and security infrastructure.

Managed PKI for SSL saves you time and money by providing your organization with easy to use tools to customize the enrolment, validation, and issuance of certificates. You can appoint one or more individuals to serve as your Managed PKI administrator, with full authority to approve, renew, reject, and administer certificates. Your end-users interact with customized, Web-based enrolment forms to request IDs for their servers. Once your administrator approves your certificate request, VeriSign will instantly issue certificates, thus saving your organization the 3-5 business day lead time normally required to obtain Secure Server Certificates.

One of the main advantages of Managed PKI is that it lets you control your own CA (approving/rejecting/revoking certificates) from a simple set of web pages, without having to worry about the mundane and expensive aspects of being a CA (backups, maintenance of hardware and software, disaster recovery and many other items).

[back to top]

What can I use Managed PKI for?

Managed PKI issues your end users Secure Server IDs which they can use to set enable secure, authenticated sessions using SSL for your internet, intranet, or extranet communications. If you choose to use Managed PKI for Server IDs in Conjunction with Managed PKI for Client IDs, the same administrator can easily manage the issuance of both server and client IDs, making the establishment of access restricted areas of your web site or your corporate intranet a breeze.
[back to top]

Benefits and Features of Managed PKI?

Features of Managed PKI:
 
Local control - Each customer's administrator has complete control over which servers are issued a certificate.
 
Easy to use administrative tools and reports - The administrator has easy access to an extensive set of tools to control and manage their CA through the Managed PKI Control Center. In addition there is a report feature available, allowing an administrator to monitor several aspects of their company's certificate service.
 
Rapid turn-around – MSC Trustgate issues certificates as soon as we receive approval from your administrator.
 
Easy and predictable addition and renewal of certificates - With Managed PKI's combination of centralized control, full reporting, customizable certificate validity periods, and rapid turn-around, managing a farm of hundreds or even thousands of certificates becomes a snap. You can now predictably add, renew, or revoke certificates, according to the time frame that makes sense for your organization.
 
Always supports the latest standard applications –The certificates supports Netscape and Microsoft browsers. VeriSign Managed PKI is continually updated to support the latest applications, at no cost to the customer and with no effort required.
 
Extensive infrastructure - VeriSign Managed PKI's back end systems are operated in our secure Operations center. We take advantage of the sophisticated facilities, security, and practices to support all services. Complete offsite backup and disaster recovery is also included as part of the service. Providing a similar level of support for an in-house solution would be prohibitively expensive.
 
Adaptable to your Organizational Structure - Customize the information required to enroll for, renew, or revoke certificates. Appoint one administrator or multiple administrators. Give administrators broad control over a number of domains (e.g. abc.com, abc.net, alphabet.co.uk), or restrict each administrator to a particular set of domains (e.g. give one administrator control of engineering.abc.com, give another administrator control of sales.abc.com). With Managed PKI, you are free to tailor the tool to meet the needs of your organization.

Key Benefits:
 
World Class PKI (Public Key Infrastructure) – VeriSign is the recognized leader in developing scaleable public key certificate systems, hence our Managed PKI customers leverage on our technical and legal expertise in digital signatures and certificates to have a proven and secure PKI instantly.
 
Up and running quickly - Once MSC Trustgate has activated your service you can have your Managed PKI up and running overnight, much faster than ordering a software package, installing it, and learning to configure and use it.
 
No extensive training required - The customer uses simple Web pages both for end user services and administrative functions. Our extensive certificate expertise, infrastructure, and practices are leveraged behind the scenes, while the customer maintains full control over the actual CA functions.
 
Less expensive - With bulk purchasing, you get both volume discounts and the convenience of buying certificates in bulk. There are no additional or hidden costs. Shrink-wrapped certificate server software may cost less to start with, but when the costs of browser root support, hardware, networking connectivity, disaster recovery, tape backups, operations support, security infrastructure, etc. are added in, it quickly becomes a much more expensive proposition.
 
No software or hardware required - All the customer is required to have is a Web browser supporting client certificates (Netscape Navigator or Internet Explorer 3.0 or later) and Internet access.
 
Easily distributed - Multiple administrators can access the Managed PKI to issue certificates at sites around the world, easily and with minimal incremental costs. All a branch office needs to obtain certificates is a browser with connection to the Internet.
 
Grows with you – MSC Trustgate automatically upgrades the infrastructure whenever necessary to support customer volumes as they grow. Customers can simply use the system, without having to worry that it's becoming overloaded.
[back to top]

How do I use Managed PKI to approve, reject, or revoke subscriber certificates?

Managed PKI Administrators are granted access to a special set of web pages to administer certificates. From this location, Administrators control the authentication, approval, revocation, and reporting functions.
[back to top]


How do my End Users enrol for their Secure Server IDs?

Enrolling
      1. User generates CSR
      2. User securely enrolls via Web
      3. Pending request appears in Managed PKI Control Center
      4. Administrator securely validates user enrolment request
      5. VeriSign generates certificate and sends it to user's e-mail address
      6. User securely downloads ID and installs on server
[back to top]

How is Managed PKI for SSL upgraded?

VeriSign maintains the issuing system and all upgrades will be performed by VeriSign. Updates to the system will be reflected in the Managed PKI Administrative Pages under ONSITE NEWS. Upgrades to the existing services are included within your yearly Managed PKI fee. New components (not upgrades to existing ones) may carry additional fees, however.
[back to top]

Can Managed PKI Issue IPSEC or Client certificates?

Yes! In fact, the same administrator can issue and manage all different types of certificates from the same control center. However, you will need to order the different services separately.
[back to top]
How does Certificate Revocation work?

When a certificate is revoked, its operational period is considered terminated immediately. When an administrator revokes a certificate, the VeriSign library is updated to reflect this status. Managed PKI provides a CRL (certificate revocation list) available for download, which is a list of the certificates reflecting revoked status.
[back to top]
How do I Purchase Managed PKI for SSL?

You can contact MSC Trustgate SSL team by calling +603 8318 1800 ext 225 or e-mail support@msctrustgate.com
[back to top]