CSP CA Gateway is a lightweight, container-based module implementing a CA-agnostic Certificate Lifecycle and Policy Management API. Using CA Gateway, your applications can implement certificate issuance, renewal, and revocation actions across all your Entrust-supported Certification Authorities (CAs). CA Gateway provides policy retrieval capabilities that applications can use to customize API and user-facing dialogs to ensure that certificate actions conform to organizational policies.
CA Gateway supports easy upgrades using container technology. We maintain backward compatibility on the API so you can upgrade CA Gateway without worrying that consuming applications will encounter API problems. We release CA Gateway quarterly to make new features available.
When deployed on PKI Hub, CA Gateway supports the following products.
Certificate Authorities compatible with CA Gateway
CA Gateway is compatible with the following Certificate Authorities.
Product | Version | Support Notes |
|---|---|---|
Entrust Certificate Authority (ECA) | 10.2 | Storing ECA 10.2 RA credentials in nCipher or Luna HSM is not supported |
10.1.1 | Storing ECA 10.1.1 RA credentials in nCipher or Luna HSM is not supported | |
8.3 | Storing ECA 8.3 RA credentials in nCipher or Luna HSM is not supported | |
The Events API is not supported | ||
Entrust Certificate Services | Service | TLS certificates are supported |
Entrust PKIaaS | Service | CSRs must be provided on enrollment. |
Microsoft Active Directory Certificate Authority | 2019, 2016, 2012 R2 | CSRs must be provided on enrollment |
Open-source plugins compatible with CA Gateway
CA Gateway is compatible with the following open-source plugins.
Support is limited to CA Gateway interoperation with the plugin.
Product | Version | Support Notes |
|---|---|---|
Entrust CA Gateway Vault Client | N/A | This is an Entrust open-source client for Hashicorp Vault that may be obtained from https://github.com/EntrustCorporation/CA Gateway-vault-plugin |