HID® pivCLASS® Certificate Manager

PKI certificate validation – path discovery, validation and revocation checking
pivCLASS® Certificate Manager - Government Access Control

HID Global’s pivCLASS Certificate Manager is a server-based software application used to revalidate extracted or imported PKI-based credentials such as the PIV certificate and CAK certificate. Periodic revalidation can be scheduled using the operator interface. Revalidation includes path discovery (if needed), path validation and revocation checking.

The Certificate Manager can validate certificates signed by either RSA or ECC cryptographic algorithms. Revocation checking is conducted by contacting the issuing Certificate Authority or a Certificate Validation Authority to retrieve certificate revocation lists (CRLs), Online Certificate Status Protocol (OCSP) responses or Server-based Certificate Validation Protocol (SCVP) responses.

Key features:

  • Easy to deploy and use
  • Tested by GSA as part of the pivCLASS FIPS 201 solution
  • Interoperable with every standards compliant Certificate Validation Authority
  • Supports all NIST specified key lengths and signing algorithms

pivCLASS software components support:

  • Microsoft® Windows Server 2016, 2012, 2008 & Microsoft Windows 10, 8.1, 7
  • Interoperable with any SQL database supported by the Microsoft .NET Framework 2.0, including Oracle®, Microsoft SQL Server
    • Microsoft Access as well as Firebird 2.0 supported for test and development environments

pivCLASS software components minimum hardware requirements:

  • CPU – 1.8 GHz
  • Random Access Memory – 1 gigabyte
  • Hard Disk Space – 40 gigabytes
  • Network – requires network connectivity with cardholders’ credential issuing Certificate Authorities to support PKI validation