문제

Our company currently implementing TSA (Time Stamp Authority) service. And now we are searching CA (Certification Authority), which could issue certificate with intended usage: Timestamping. I contacted with few CA's, but they offer just Digital ID certificates, and know nothing about TSA. Maybe someone has experience with such problem?

도움이 되었습니까?

해결책

I doubt you will find any commercial CAs offer certificates with timestamping usage. There is no market and it goes against their interests also. Just like the certificate with CA or OSCPSigning usage, you can only get it if you have some kind of business deal with CA.

If you are offering a TSP service, you can just use regular cert and ignore the usage. Depending on the library you use, it may not check usage at all. However, Java 6 does check it.

You can also use a self-signed cert and distribute your root CA to whoever wants to do verification locally.

라이센스 : CC-BY-SA ~와 함께 속성
제휴하지 않습니다 StackOverflow
scroll top