Application Programming Interface (API)
Network services often provide several interfaces for user applications to interact with. A programmable interface is a user interface that is not designed for humans, but rather it is created to be used by software.
SSL.com provides such an API for its PKI, that user applications (including SSL Manager) can use to perform any certificate-related operation, without the need for human interaction.
Certificate Authority (CA)
An individual entity entrusted to issue certificates. CAs, such as SSL.com, are tasked with verifying that the recipient individual, company, or oganization requesting the certificate, fulfills the conditions of an established policy.
Certificate Revocation List (CRL)
A document maintained and published by a certification authority (CA) that lists certificates issued by the CA that have been revoked (i.e. they are no longer valid).
Certificate Signing Request (CSR)
A Certificate Signing Request, or Certificate Request, is a message sent from an applicant to a Certificate Authority in order to purchase a digital identity certificate.
It usually contains the public key for which the certificate should be issued, identifying information (such as a domain name) and integrity protection (e.g., a digital signature), to assure that it was not be modified in transit.
The CA will validate this information, and proceed to issue and sign a new certificate with its private signing key.
Typically, a permanent storage where certificates, certificate revocation lists (CRLs), and certificate trust lists (CTLs) are stored. It is possible, however, to create and use a certificate store solely in volatile memory when working with certificates that do not need to be put in permanent storage.
Certificate Trust List (CTL)
A predefined list of items that have been signed by a trusted entity (e.g. a CA). A CTL can be anything, such as a list of hashes of certificates, or a list of file names. All the items in the list are authenticated (approved) by the signing entity.
In cryptography, PKCS #12 defines an archive file format for packaging many cryptography objects as a single file. It is commonly used to bundle a private key with its X.509 certificate, or to bundle all the members of a chain of trust.
Public Key Infrastructure (PKI)
Public Key Infrastructure refers to a configuration of software, hardware, roles, policies and regulations that uses public key cryptography to protect electronic communications over a computer network.
Self-signed certificates are normal SSL certificates (i.e. following the X.509 certificate profile), but they were not signed by a publicly trusted PKI.
These certificates are not automatically trusted by client software, but require the user (or the domain administrator in enterprise environments) to manually trust them.
In computer science, a software agent is a computer program that acts for a user or other program in a relationship of agency.
In case of SSL Manager, the application installs and uses an agent program to handle all communications with SSL.com‘s backend. The backend implements all the functionality that SSL Manager requires to work.
SSL Manager Agent
SSL Manager Agent is a software agent service that is installed with SSL Manager.
Its function is to communicate with SSL.com‘s backend to monitor the status of your submitted certificate requests.
When a CSR has been validated and a certificate has been issued for you, the agent is notified and it downloads the new certificate into your SSL Manager instance automatically, so that you may use it.