Database Table Structure

The SSH Tectia Certifier Database tables are created during the full software installation, after the Adaptive Server Anywhere has been installed.

The Database tables are structured as follows:

  • ssh_ca

    This table contains vital internal data, such as the object ID counter and the last assigned serial number.

  • ssh_ca_certificates

    This table contains all the information about certificates in the system. In addition to the actual certificate data, this table also holds the internal certificate ID, status information, a possible private key, references to related request and entity objects, and revocation data. This table includes multiple indices so that certificates can be retrieved efficiently based on multiple data types, such as validity period or serial number information.

  • ssh_ca_cas

    This table contains data about all the CAs this system manages.

  • ssh_ca_crls

    This table collects all the CRLs the engine has issued.

  • ssh_ca_requests

    This table contains all the information on requests in the system. This includes the original request, the modified certificate template (as modified by automatic policy transformations and by the operator), and possibly entity references.

  • ssh_ca_distribution_point

    This table contains CRL distribution point information for the system.

  • ssh_ca_log

    This table contains all events that have occurred, such as received requests, operator actions, and so on.

  • ssh_ca_entities

    This table contains generic end-user entity objects. The main function of the table is to map certificates and pre-shared secrets together, but it can also contain policy data and other GUI-customized data, such as name, address, or credit card numbers.

  • ssh_ca_raentities

    This table contains delegated RA entities, their current status, name, and corresponding client certificates.

  • ssh_ca_secrets

    This table contains all the shared secrets for enrollment. Each of the keys is mapped to some existing entity.

  • ssh_ca_operators

    This table contains data for all operators in the system, their access policy and other relevant information.

  • ssh_ca_fti_words

    This table, together with the table ssh_ca_fti_occurrences, forms the basis for the global full-text indexing system. The table stores one entry for each individual indexed word together with its word ID.

  • ssh_ca_fti_occurrences

    This table maps word occurrences to database objects, identified with their type and internal object ID.

  • ssh_ca_fti_stop_list

    This table contains stop words for database searches. These are words that occur too frequently.

  • ssh_ca_servers

    This table contains the CA server list. For each defined server, it describes which services are enabled on the server.

  • ssh_ca_taskqueue

    This table contains the registration authority's messages that are to be sent to the CA or are waiting for a response from the CA.

  • ssh_ca_transactions

    This table contains the currently active PKI transactions and their request identifiers.
