Validation Service Framework

The Validation Service Framework is used to validate certificates from one or more issuers.

Functionalities

The Validation Service Framework can be used to have one central point of performing revocation statuses to simplify the integration of external PKIs within an enterprise.

The Validation Service Framework also provides a validation cache that can be used to increase performance for those cases an application does multiple lookups of the same certificate within a short period of time.

In the Validation Service Framework, the client also can ask the service to check the type of certificate that the certificate might be used for. A certificate type could be IDENTIFICATION or ELECTRONIC SIGNATURE.

The out-of-the-box DefaultValidationService should satisfy most use cases. If necessary, you can develop a custom Validation Service.

Configuring a Validation Service

To configure a custom Validation Service:

1. Specify the org.signserver.validationservice.server.ValidationServiceWorker in the global configuration.

2. Configure ValidationService in the worker configuration.

3. Set the class path in the property TYPE (not necessary for the DefaultValidationService).

The Validation Service Framework is mostly used with X509v3 certificates but supports other types of certificates as well.