TrustPort eSign PRO PKI Storage Manager

PKI Storage Manager module is one of the most important modules of TrustPort eSign PRO application. It roofs functions for manipulation with certificates, private keys and lists of revoked certificates (CRL) in PKI framework. PKI Storage Manager module is designed so as the beggining user can work with it. The method of use is similar to Explorer in Window system. PKI Storage Manager is able to access to any LDAP server with certificates as a LDAP client and enables access to certificate storage application Internet Explorer . Both accesses (called hybrid storage) are resolved as plugin module to TrustPort eSign PRO application. TrustPort eSign PRO application contains LDAP server and PKI Storage manager module can set it in a way that LDAP server enables access to certificates in certian specified storage. LDAP server is controlled by LDAP Publisher that is a part of PKI Storage Manager module.

PKI Storage Manager has two basic parts. The first one contains a list of accessible storages that are possible to be managed. It is located in the left side of the main window. The second part is located on the right side of the main window and it contains various views on objects. In the upper part of application is transparent menu and tool bar.

PKI Storage Manager is able to manage three basic storage types. They are local storages, hardware devices (tokens and cards) and hybrid storages. All accessible/connected storages are ordered according the type in the left part of program. By clicking to any storage its content is displayed in the right part. The list of views is different according to the storage type.

List of views in the right part of the main window:

  • Private keys - private keys and substitute keys for private keys located in hardware devices (tokens and smart cards)
  • Personal certificates - certificates that have relevant private or substitute keys in the same storage
  • Other users - all certificates that do not have private or substitute keys in the same storage
  • Certification authorities - root and subordinated certificates of certification authorities
  • CRL - lists of revoked certificates
  • Find now - looking for certificates in the storage

In each storage it is possible to look for certificates. The search is performed with the help of the last bookmark (Find now) in the right part of the main window of PKI Storage Manager module. The hybrid storages have only one view for search.

For content of hardware device (USB token or smart card) display it is necessary to login to the relevant device. The login window is displayed immediately after clicking on any hardware device. If the login window is closed by clicking Storno , the login is not performed and the it is not possible to view its content.

The tool bar can be adjusted for the user needs by clicking the second button on the tool bar and there is selected Modify tool bar in displayed menu. The second option how to modify the tool bar by selection Modify tool bar in the main menu View of PKI Storage Manager module. The individual tool bar buttons can be removed or placed to a different location. Next there is option to select between big and small icons.

Description of the main menu of PKI Storage Manager module:

Storage menu

  • New storage - Creation of local storage or LDAP connection.
  • Delete storage - Deletion of local storage or LDAP connection.
  • Modify storage - Modification of setting for local storage or LDAP connection.
  • LDAP Publisher - Setting configuration operation of local storage across LDAP client.
  • Forget login - It forgets the login information for login to a hardware device.
  • Properties - Display of detail information about the selected storage.
  • Finish - Finish of PKI Storage Manager module.

View menu

  • Tool bar - Display/removal of tool bar display display.
  • Status bar - Display/removal of status bar display.
  • Modify tool bar - It starts a dialog window for tool bar modification. It is possible to add or remove buttons from tool bar or to change size of displayed buttons.
  • Refresh - Retrieval of current view or storage list.

Tool menu

  • Generate new object - Generation of a new key pair and certificate request. For new key pair generation is started module Security Object Generator .
  • View object - Display of detail information about the indicated object. For detail information is started module Security Object Inspector .
  • Change name - Change name of object in local storage.
  • Change password - Change of password for the private key that is stored in the local storage. For password change is started module Password Changer .
  • Delete object(s) - Deletion of identified objects from storage.
  • Copy object - Copying of one or several identified objects from one storage to another. For object copying is started module Security Object Importer .
  • Import object - Import of objects to storage from file. For import of objects is started module Security Object Importer .
  • Export object - This option enables export of one or several identified certificates from storage to the output file. It is allowed to export maximally 100 certificates at the same time. It is also possible to export one CRL or one private key including the complete certification path. For object export is started module Security Object Exporter .
  • Create substitute object - This option creates a substitute key from the identified private key to the hardware device (token or smart card). For substitute key creation is started module Security Object Importer .
  • Verify certificates - Verification of certificates in the storage if they are valid and not expired.

Help menu

  • Content - Display of the main page of user manual .
  • Find - Seach in user manual.
  • Index - Display of index page in user manual.
  • Hot keys - Display of hot keys that function in PKI Storage Manager module and in the whole TrustPort eSign PRO application.
  • About program - Dispaly of information about program, licence agreement, ...

Related references

Main page

Copyright 2010, TrustPort, a.s., All rights reserved.