Class CIM_CertificateAuthority
extends CIM_CredentialManagementService

A Certificate Authority (CA) is a credential management service that issues and cryptographically signs certificates. It acts as an trusted third-party intermediary in establishing trust relationships. The CA authenticates the identity of the holder of the 'private' key, related to the certificate's 'public' key.

Table of Contents
Hierarchy
Direct Known Subclasses
Class Qualifiers
Class Properties
Class Methods


Class Hierarchy

CIM_ManagedElement
   |
   +--CIM_ManagedSystemElement
   |
   +--CIM_LogicalElement
   |
   +--CIM_EnabledLogicalElement
   |
   +--CIM_Service
   |
   +--CIM_SecurityService
   |
   +--CIM_AuthenticationService
   |
   +--CIM_CredentialManagementService
   |
   +--CIM_CertificateAuthority

Direct Known Subclasses

Class Qualifiers

NameData TypeValue
DescriptionstringA Certificate Authority (CA) is a credential management service that issues and cryptographically signs certificates. It acts as an trusted third-party intermediary in establishing trust relationships. The CA authenticates the identity of the holder of the 'private' key, related to the certificate's 'public' key.
UMLPackagePathstringCIM::User::PublicKey
Versionstring2.8.0

Class Properties

Local Class Properties

NameData TypeDefault ValueQualifiers
NameData TypeValue
CADistinguishedNamestring
DescriptionstringCertificates refer to their issuing CA by its Distinguished Name (as defined in X.501).
Dnbooleantrue
CAPolicyStatementstring
DescriptionstringThe CAPolicyStatement describes what care is taken by the CertificateAuthority when signing a new certificate. The CAPolicyStatment may be a dot-delimited ASN.1 OID string which identifies to the formal policy statement.
CRLRefreshFrequencyuint8
DescriptionstringThe frequency, expressed in hours, at which the CA will update its Certificate Revocation List. Zero implies that the refresh frequency is unknown.
PUnitstringhour
UnitsstringHours
MaxChainLengthuint8
DescriptionstringThe maximum number of certificates in a certificate chain permitted for credentials issued by this certificate authority or it's subordinate CAs. The MaxChainLength of a superior CA in the trust hierarchy should be greater than this value and the MaxChainLength of a subordinate CA in the trust hierarchy should be less than this value.
CRLstring[]
DescriptionstringA CRL, or CertificateRevocationList, is a list of certificates which the CertificateAuthority has revoked and which are not yet expired. Revocation is necessary when the private key associated with the public key of a certificate is lost or compromised, or when the person for whom the certificate is signed no longer is entitled to use the certificate.
OctetStringbooleantrue
CRLDistributionPointstring[]
DescriptionstringCertificate revocation lists may be available from a number of distribution points. CRLDistributionPoint array values provide URIs for those distribution points.

Inherited Properties

NameData Type
Captionstring
CommunicationStatusuint16
CreationClassNamestring
Descriptionstring
DetailedStatusuint16
ElementNamestring
EnabledDefaultuint16
EnabledStateuint16
Generationuint64
HealthStateuint16
InstallDatedatetime
InstanceIDstring
LoSIDstring
LoSOrgIDstring
Namestring
OperatingStatusuint16
OtherEnabledStatestring
PrimaryOwnerContactstring
PrimaryOwnerNamestring
PrimaryStatusuint16
RequestedStateuint16
Startedboolean
StartModestring
Statusstring
SystemCreationClassNamestring
SystemNamestring
TimeOfLastStateChangedatetime
TransitioningToStateuint16
AvailableRequestedStatesuint16[]
OperationalStatusuint16[]
StatusDescriptionsstring[]

Class Methods

Inherited Class Methods

NameReturn Type
ChangeAffectedElementsAssignedSequenceuint32
RequestStateChangeuint32
StartServiceuint32
StopServiceuint32