Using the Credential Provider SPI to Support Different Certificate Authorities

This section introduces the second of the use cases—support for a third-party certificate authority (CA). Use cases are comprised of subsections that briefly describe and define how some type of ActivID CMS functionality can be integrated into a custom application.

Use Case: Supporting a Third-Party Certificate Authority

Use Case Goal

To support a third-party certificate authority that ActivID CMS does not already support using the Credential Provider SPI A Service Provider Interface (SPI) consists of a set of constant definitions and method declarations without implementations and intended to be called or used in a pre-determined generic manner with a set of outputs that meet pre-determined abstract rules and expectations..

Context

The default Certificate Authorities supported by ActivID CMS include the following:

  • Entrust®

  • HID PKI-as-a-Service

  • IdenTrust®

  • Microsoft®

  • OpenTrust® PKI

  • Symantec® (formerly VeriSign®) Managed PKI v8

  • Verizon® (formerly Cybertrust®) UniCERT™ UPI.

The Credential Provider SPI makes it possible for you to integrate ActivID CMS with other credential providers (such as the PKI Certificate Authority) that are not supported by the default configuration of ActivID CMS. The Credential Provider SPI allows you to extend the list of CAs that are supported by ActivID CMS.

Solution

Use the Credential Provider SPI to develop a Credential Provider plug-in that allows ActivID CMS to communicate with other third-party CAs.

Examples

For More Information

For more information, refer to About the Credential Provider Service Provider Interface (SPI).