Online Certificate Status Checking

Advanced OCSP validation authority

ADSS OCSP Server is an advanced x.509 certificate Validation Authority server, that fully conforms to the IETF RFC 6960 standard. It is also FIPS 201 Certified (APL #1411) and approved for use by US federal agencies for HSPD-12 implementations.

It has been designed to operate as a robust validation hub solution, capable of providing OCSP certificate validation services for multiple Certificate Authorities (CAs) concurrently! Simple or sophisticated validation policies are supported for each individual CA and ADSS OCSP Server provides a detailed historical record of all transactions together with an easy to use OCSP request & response viewer – essential for either billing and/or troubleshooting within managed service infrastructures or enterprise systems.

Key points:

  • Responds for multiple CAs with configurable validation policies
  • Retrieves revocation info using multiple interfaces and methods
  • Capable of white-list checking to ensure certificate was actually issued (using latest RFC 6960 extension)
  • Ability to split front-end OCSP service from back-end operations for maximizing performance
  • High-performance architecture including caching of revocation info
  • Detailed logging and human-readable OCSP transaction viewers for easy problem solving
  • Configurable management reporting on service usage, top clients & most validated certificates
  • Strong security, latest crypto algorithms & independently evaluated and certified by multiple entities
  • Used by many governments as part of national eID infrastructure, banks & major enterprises

ADSS Server architecture

ADSS Server is a powerful server application providing multiple e-Trust services as shown in the diagram below. Although it's a single product, its service modules are licensed individually and branded accordingly. Your investment in ADSS Server is therefore future-protected as you can license new service modules over time as your e-Trust business needs grow. Multiple ADSS service modules may be installed on the same ADSS Server instance, saving on hardware, software and management costs. All of the ADSS Service modules use the same GUI layout and style thereby making training simple for administrators. Ascertia tracks the latest industry standards and is committed to adding new service modules as required by our customers.

ADSS Signing Server PDF Sign&Seal
3rd Party Apps
( e.g. Adobe® Reader, Microsoft Office, IE, browsers, Servers, Network devices, PACS)
Core ADSS Server modules Trust Manager | Key Manager | Secure Logging | HSM & DB Manager | Reporting | Client Manger | Dual Control CRL Manager | Access Control | System Integrity Checker | Auto Archiver
PKI services (each separately licensed) e-Trust Services (each separately licensed) Base Modules of ADSS Server (available by default)

The above diagram shows a range of client applications (relying party application) using the ADSS OCSP Service module. Due to the wide acceptance of RFC 6960 standard, there are large number of OCSP-enabled applications, including Physical Access Control Systems (PACS). Click on any of the ADSS service modules to jump to the relevant product page.

The power of ADSS Server is that all of this digital signature and PKI functionality is available from one unified product, which minimises training costs, provides a single platform for management control and logging, and lowers the total cost of hardware and software ownership.

Request Info


Sales Inquiries:
+44 (0)800 772 0 442


Years of Digital Signature