Skip to content

Directory Issued Server TLS Certificates

The Directory issues X.509 certificates for TLS servers run by Members to verify a server is run by a Member of the Trust Framework.

Server certificates only include the DNS name of the server. The Member who operates them is implied by the Directory, as Clients discover services using Directory and Data Catalog entries which include the Member's identity.

Server certificates are short-lived and automatically renewed.

Server certificates

Presentation of a server certificate with a CN that matches the hostname of the server provides assurance that the server operator is a Member of the Trust Framework.

This assertion relies on only issuing certificates to servers which are registered explicitly (Member record) or implicitly (data catalog entries) in the Directory.

Server certificates are short-lived, with a maximum validity of 24 hours.

  • CN=[Trust Framework] Server CA
    • CN=[Trust Framework] Server Issuer
      • CN=[DNS name of server], subjectAlternativeName=DNS:[DNS name of server]

See below for the X.509 extensions that are required for the certificates.

The certificate chain for server certificates is distinct from all other PKI hierarchies within the Trust Framework.

Obtaining a server certificate

  • Ensure the Directory contains a record which refers to this server.
  • Use ACME to obtain and automatically renew a short-lived certificate. The ACME server:
    • Uses HTTP challenge to verify control of the DNS name.
    • Is configured to only issue certificates to hostnames within the domains registered by publishers in the Directory.

Verifying a server certificate

A client must configure their TLS client to only trust connections to servers with certificates issued with a certificate chain leading to the root Server certificate.

Certificate Profiles

CA certificates

The root CA certificates must conform to the Root CA Certificate Profile defined in the version of the CA/Browser Forum Baseline Requirements for TLS Server Certificates in force at the time of creation.

Root CA certificates use ECDSA keys with the secp384r1 (P-384) curve, and have a 9132 day (approx 25 years) validity time. Their private keys are kept offline, and only used to create Issuer certificates.

Issuer certificates

The Issuer certificates must conform to the TLS Subordinate CA Certificate Profile defined in the version of the CA/Browser Forum Baseline Requirements for TLS Server Certificates in force at the time of creation.

Issuer certificates are regularly regenerated. To comply with the RFC5280 Basic Path Validation algorithm, their validity time is the validity time of a Server certificate plus the regeneration period.

They use ECDSA keys with the secp256r1 (P-256) curve.

Server certificates

Server certificates must conform to the Subscriber (End-Entity) Certificate Profile defined in the version of the CA/Browser Forum Baseline Requirements for TLS Server Certificates in force at the time of issue.

They use ECDSA keys with the secp256r1 (P-256) curve.

Server certificates must contain the following extensions:

  • Subject Alternative Name (DNS name)
  • Subject Key Identifier
  • Authority Key Identifier
  • Basic Constraints
  • Key Usage
  • Extended Key Usage