A Registration Authority (RA) is a function for certificate enrollment used in public key infrastructures.
It is responsible for receiving certificate signing requests – for the initial enrollment or renewals – from people, servers, things or other applications. The Registration Authority verifies and forwards these requests to a Certificate Authority (CA).
A Registration Authority is also responsible for receiving other certificate lifecycle management functions. For example, revocation. The RA implements business logic to accept requests, including methods for verifying the origin of the requester and the party that should have the certificate.
A Registration Authority is usually separated from the Certificate Authority for accessibility and security reasons. The RA is accessed via a user-friendly GUI or via integration friendly APIs and standard protocols.
About Keyfactor’s EJBCA Registration Authority
The EJBCA RA is an external entity to the Certificate Authority (CA) for enrollment of any certificate type, allowing for an additional layer of security around the CA.
