Reflection PKI Services Manager provides certificate verification services, and is available as a separate download from the Reflection for Secure IT Gateway download page at no additional charge. For information about downloading PKI Services Manager and configuring it for use with Reflection Gateway, see Set Up PKI Services Manager. To support X.509 certificate authentication, at least one PKI Server must be configured.
NOTE:You can install and configure PKI Services Manager on multiple systems to ensure availability of certificate authentication services. When you add multiple servers to the PKI Servers list, Gateway Administrator contacts the first available server on the list. The reply from this PKI Server (valid or not valid) is used, and no other servers on the list are contacted. All PKI servers must have identical trust anchors, configuration settings, and mapping files to ensure that each of your PKI Services Manager servers returns the same validation for all certificates.
|
You must have PKI Services Manager installed and running before you add it to the PKI Servers list. |
|
This button is available when a PKI server is selected. Use it to disable the selected server or modify settings. |