The following diagram illustrates the Certificate Enrollment Gateway architecture.
The following topics describe each component of the architecture.
Enrollment endpoint
An enrollment endpoint is a user or device that requests a certificate issuance or renewal.
Certificate Enrollment Gateway service
The Certificate Enrollment Gateway service runs in Entrust PKI Hub 1.0. This microservices-based cluster provides:
- Easy install and uninstall.
- Centralized logging.
- Reporting and operational dashboards.
The Certificate Enrollment Gateway service supports an HTTP and HTTPS proxy for outbound connections.
Certificate issuer
A Certificate Issuer is a Certificate Authority (CA) that issues certificates to the enrollment endpoints.