07-12-2011 09:21 AM
I would like to start using SATSA PKI to authenticate my users. There is something that i don't understand: in the enrollment process i first need to generate a CSR and then send this CSR to get a signed certificate. But whom exactly do i send it to?
this is the official example from sun:
// Send the generated CSR to the CA enrollment server,
// possibly over a secure TCP (SecureConnection) or HTTPS
//(HttpsConnection). Wait for response (the signed X.509
// certificate chain)
String url = "www.j2medeveloper-ca.com:443";
byte response = secureSend(url, csr);
who is the "CA enrollment server" in reality? Can it be a self-signed Certificate?