An application definition contains the configurations that a client requires to function smoothly. The application definition includes:
Configuration parameters: required to initialize and configure the client.
CSR parameters: required to create or renew client certificates and keys.
NAE port: port number used for NAE communication.
Policies: define a collection of rules that govern cryptographic operations.
The Application Data Protection administrator defines an application on the CipherTrust Manager and gets a registration token in the response. The administrator shares the registration token with the DevOps team to be inserted in their orchestrator, which in turn deploys the application and its client, sharing the token with the client. The registration token is used to register clients on the CipherTrust Manager. All the clients that belong to the same application should use the same registration token. Each application definition generates its own registration token. By default, the registration token never expires and one token can register multiple clients.
After registration, the client gets credential details (certificate and private key) from the CipherTrust Manager. The client uses these credentials to log in to the CipherTrust Manager. After validation, the client retrieves its configurations/policies and NAE interface details from the CipherTrust Manager. Using the NAE interface details, the client connects to the NAE-XML interface and performs the cryptographic operations.
In this article you will learn how to: