In addition to using the web interface "RWTH-DFN-Zertifizierungsportal" to generate a certificate request, it is also possible to use the SOAP interface of the DFN-PKI.
The DFN-PKI provides a SOAP client for this purpose, with the following SOAP calls corresponding to an action in the web interface
|newRequest||User makes an application|
|getRawRequest||RA views an application|
|approveRequest||RA signs & authorizes an application|
|get CrtificateByRequestSerial||User/RA wait for the certificate to be issued|
SOAP communication either takes place synchronously or asynchronously via a separate graphical user interface.
The interface is well suited for
- large number of users
- Smart card/USB token initialization
- Integration of local directory services
- Local key backup during certification
A description of these extended options in the DFN-PKI are summarized in the article "Rollout von Zertifikaten leichter gemacht".