

CA Auth ID File Structure

A CA Auth ID contains the following components:

  1. A standard X.509v3 digital certificate with a CA-specific extension.
  2. A second pair of public and private keys generated for authenticating to CA Strong Authentication Server. This key pair is not used for general signing or encryption.

    The public key is stored in encrypted form. It is encrypted using the Domain Key, which is used to create and authenticate CA Auth IDs. You can configure a domain key at the global level or at the organization level. A CA Auth ID issued with an organization-specific domain key cannot be used across organizations.

    The private key is cryptographically camouflaged by using the CA Auth ID password.

  3. A section to store the user’s Open PKI keys and certificates, which are used to sign, encrypt, and decrypt. See "CA Auth ID as a Secure Container (Key Authority)" for more information.