

ArcotID PKI File Structure

An ArcotID PKI contains the following main components:

  1. The standard X.509v3 digital certificate with a CA-specific extension.
  2. A second pair of public and private keys that is generated for authenticating to AuthMinder Server. It is not used for general signing or encryption.

    The public key is stored in encrypted form. It is encrypted using the Domain Key, which is used to create and authenticate ArcotID PKIs. You can configure a domain key at the global level or at the organization level. An ArcotID PKI issued with an organization-specific domain key cannot be used across organizations.

    The private key is cryptographically camouflaged by using the ArcotID PKI password.

  3. A section to store the user’s Open PKI keys and certificates, which they can use for signing, encrypting, and decrypting. See "ArcotID PKI as a Secure Container (Key Authority)" for more information.