This is a basic description of the split of the different part of the architecture
see archi_commCA.odg or archi_commCA.pdf
Front end
Browser
A browser can be used to manage user or organisation datas & certificates. It connects to the CommunityCA website.
Graphic User interface
In order to do improve productivity for an organisation, a GUI is implemented as a client to the business WebService.
Web Interface
Web Site
This is the CommunityCA website. TBD
Proxy
It Interacts with the GUI client as a reverse proxy for the business web services.
WebService Interface
Services provided
They defined the business interfaces of the applications. they deal with :
Authorization & session management
- user management (user data, user certificates)
- organisation management ( org data + certs)
- etc.
They're connected to the Data storage interface and the certificate management interface.
Data storage
It's a webservice communicating with the database. It can only be accessed from the WebServices defined in the paragraph above. It describes SQL statements.
Certificate management interface
The CMI is a webservice defining a set of interface designed to deal with certificate, whatever technology is used as back-end.
Back end certificate component
The BCC is a set of cartridge. Each cartridge is intended to be written for each of the external components.
Exemple of cartridge :
- openssl
- openca ocspd
- ejbca
- bouncy castle
- others