HID® pivCLASS® Certificate Manager
Category pivCLASS®
Brand HID
PKI certificate validation – path discovery, validation and revocation checking

HID Global’s pivCLASS Certificate Manager is a server-based software application used to revalidate extracted or imported PKI-based credentials such as the PIV certificate and CAK certificate. Periodic revalidation can be scheduled using the operator interface. Revalidation includes path discovery (if needed), path validation and revocation checking. The Certificate Manager can validate certificates signed by either RSA or ECC cryptographic algorithms. Revocation checking is conducted by contacting the issuing Certificate Authority or a Certificate Validation Authority to retrieve certificate revocation lists (CRLs), Online Certificate Status Protocol (OCSP) responses or Server-based Certificate Validation Protocol (SCVP) responses.

Key features

  • Easy to deploy and use
  • Tested by GSA as part of the pivCLASS FIPS 201 solution
  • Interoperable with every standards compliant Certificate Validation Authority
  • Supports all NIST specified key lengths and signing algorithms

pivCLASS software components support:

  • Microsoft Windows Server 2016, 2012, 2008 & Microsoft Windows 10, 8.1, 7
  • Interoperable with any SQL database supported by the Microsoft .NET Framework 2.0, including Oracle, Microsoft SQL Server
    • Microsoft Access as well as Firebird 2.0 supported for test and development environments

pivCLASS software components minimum hardware requirements:

  • CPU – 1.8 GHz
  • Random Access Memory – 1 gigabyte
  • Hard Disk Space – 40 gigabytes
  • Network – requires network connectivity with cardholders’ credential issuing Certificate Authorities to support PKI validationhidglobal.comPHYSICAL ACCESS SOLUTIONSpivCLASS® RegistrationEngine & pivCLASS®Certificate ManagerCARDHOLDER VALIDATION SOLUTION FOR HSPD-12 COMPLIANCE WITH AUTOMATED PACS REGISTRATION AND CERTIFICATE MANAGEMENTƒEnables FIPS 201 compliance – For validation of and registration with physical access control systems (PACS). Can update an existing cardholder record, or insert one if one does not already existƒActive or passive badge suspension – Checks card certificate serial number is on Certificate Revocation List (CRL) or FASC-N is on TWIC CCLƒModular Solution – Provides maximum deployment flexibilityƒOperates with compliant fingerprint capture devices – COTS FIPS 201 PIV-II and ANSI INCITS 378ƒSupports multiple credentials – PIV, PIV-I, TWIC, CAC, CIV, and FRACƒIntegrated with several fixed biometric readers – Sends certificate revocation status, TWIC Privacy Key (TPK), etc. to the fixed reader upon request

    Related Categories