After performing verification of the information provided with a Certificate Application, an RA operating under a CA may request that a CA issue a Certificate. Upon receipt of a request from an RA operating under a CA, the CA will perform the verification described in §4.2.1, and then generate and digitally sign a Certificate in accordance with the Certificate profile described in §7.

CA Actions during Certificate Issuance

Upon receiving the issuance API request, the CA verifies the integrity of the information in the Certificate request, builds and signs a Certificate, and returns the Certificate in the API response to the API requestor (RA).

The CA will not issue any Certificates with validity period that exceeds the validity period of the corresponding Issuing CA Certificate.

Notification to Subscriber by the CA of Issuance of Certificate

Notification to Subscriber is the responsibility of the RA.