4.5 Trust Server

Central trust server for certificate validation.

Concept: Single Point of Trust

  • All clients query the Trust Server
  • Trust Server decides on trustworthiness
  • Central control over certificate status
  • Real-time revocation possible

Architecture

[Client] -> [Proxy] -> [Trust Server]
                          |
                    [Certificate DB]

API Endpoints

Endpoint         Function
POST /validate   Verify certificate
GET /trusted     List of trusted certs
POST /revoke     Revoke certificate

Configuration in Proxy

{
  "TrustServer": {
    "Url": "https://trust.intern",
    "ApiKey": "...",
    "CacheSeconds": 60,
    "FailOpen": false
  }
}

Fail-Closed

With FailOpen: false:

  • Trust Server not reachable → Access denied
  • Maximum security
  • Availability of Trust Server critical

High Availability

  • Run Trust Server in cluster
  • Load balancer in front
  • Local cache for short-term outages
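
How CacheSeconds and FailOpen combine on the proxy side, as an added Python example (not the proxy's own code). The names TrustClient, TrustServerUnavailable, the query callable standing in for POST /validate, and the certificate names are assumptions; the simulated Trust Server is constructed for the demo.

```python
import time

class TrustServerUnavailable(Exception):
    """Raised by the transport when the Trust Server cannot be reached."""

class TrustClient:
    """Proxy-side decision logic for the TrustServer config block (illustrative)."""
    def __init__(self, config, query, clock=time.monotonic):
        ts = config["TrustServer"]
        self.cache_seconds = ts["CacheSeconds"]
        self.fail_open = ts["FailOpen"]
        self.query = query      # hypothetical callable standing in for POST /validate
        self.clock = clock
        self.cache = {}         # fingerprint -> (trusted, expires_at)

    def is_trusted(self, fingerprint):
        now = self.clock()
        hit = self.cache.get(fingerprint)
        if hit and now < hit[1]:
            return hit[0]       # fresh answer: no round trip, survives short outages
        try:
            trusted = bool(self.query(fingerprint))
        except TrustServerUnavailable:
            # No fresh answer and no server: FailOpen decides. Never cache this result.
            return self.fail_open
        self.cache[fingerprint] = (trusted, now + self.cache_seconds)
        return trusted

def demo():
    """Constructed scenario: validate, outage, cache expiry, revocation."""
    config = {"TrustServer": {"Url": "https://trust.intern", "ApiKey": "...",
                              "CacheSeconds": 60, "FailOpen": False}}
    state = {"up": True, "revoked": set(), "now": 0.0}

    def query(fp):  # simulated Trust Server, not a real HTTP call
        if not state["up"]:
            raise TrustServerUnavailable()
        return fp not in state["revoked"]
    client = TrustClient(config, query, clock=lambda: state["now"])
    results = [client.is_trusted("cert-A")]      # server up: trusted, cached
    state.update(up=False, now=30)
    results.append(client.is_trusted("cert-A"))  # outage, cache still fresh: trusted
    results.append(client.is_trusted("cert-B"))  # outage, nothing cached: denied
    state.update(now=61)
    results.append(client.is_trusted("cert-A"))  # cache expired during outage: denied
    state["up"] = True
    state["revoked"].add("cert-A")
    results.append(client.is_trusted("cert-A"))  # server back, cert revoked: denied
    return results
```

A certificate revoked on the Trust Server can still be accepted from the proxy cache until its entry expires, so CacheSeconds bounds both the outage the cache can bridge and the delay before a revocation takes effect.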

Last modified: 2026/01/29 at 11:21 PM