CSP CA Gateway is a lightweight, container-based module implementing a CA-agnostic Certificate Lifecycle and Policy Management API. Using CSP CA Gateway, your applications can implement certificate issuance, renewal, and revocation actions across all your Entrust-supported Certification Authorities (CAs). CSP CA Gateway provides policy retrieval capabilities that applications can use to customize API and user-facing dialogs to ensure that certificate actions conform to organizational policies.

CSP CA Gateway supports easy upgrades using container technology.  We maintain backward compatibility on the API so you can upgrade CSP CA Gateway without worrying that consuming applications will encounter API problems. We release CSP CA Gateway quarterly to make new features available.  

When deployed on Cryptographic Security Platform, CA Gateway supports the following products. 

Certificate Authorities compatible with CSP CA Gateway

CSP CA Gateway is compatible with the following Certificate Authorities. 

Product

Version

Support Notes

Entrust Certificate Authority (ECA)

10.2

Storing ECA 10.2 RA credentials in nCipher or Luna HSM is not supported

10.1.1

Storing ECA 10.1.1 RA credentials in nCipher or Luna HSM is not supported

8.3


Storing ECA 8.3 RA credentials in nCipher or Luna HSM is not supported

The Events API is not supported

Entrust Certificate Services

Service

TLS certificates are supported

Entrust PKIaaS

Service

CSRs must be provided on enrollment. 

Microsoft Active Directory Certificate Authority

2019, 2016, 2012 R2

CSRs must be provided on enrollment

Open-source plugins compatible with CSP CA Gateway 

CSP CA Gateway is compatible with the following open-source plugins.  

Support is limited to CSP CA Gateway interoperation with the plugin.   

Product

Version

Support Notes

Entrust CSP CA Gateway Vault Client

N/A

This is an Entrust open-source client for Hashicorp Vault that may be obtained from https://github.com/EntrustCorporation/CSP CA Gateway-vault-plugin