Each of the subsystems contains interfaces for interacting with other parts of the subsystem. Four subsystems (CA, DRM, OCSP, and TPS) have an agent interface for agents to perform the tasks assigned to them; four subsystems (CA, DRM, OCSP, and TKS) also have an administrative console for managing that instance, such as adding users and viewing logs. A CA subsystem also has an end-entity services interface for users to enroll in the PKI.
End-Entities Interface . The CA java servlets in the end-entities page process the HTML forms submitted through the HTTP entry point. From the information in these forms, the servlets enroll and revoke certificates for users and allow users to retrieve issued certificates.
The OCSP, DRM, TKS, and TPS subsystems do not have end-entity pages.
Agent Services Interface . The agent services page java servlets process HTML form submitted through the agent services HTTP pages. From the information in each submitted form, the agent servlets allow agents to perform agent tasks, such as editing and approving requests for issuing, renewing, or revoking certificates and approving certificate profiles.
The TPS interface is different than the agent services pages for the other three subsystems. This HTML interface also functions as the administrative interface in place of a Java™ console.
Administrative Interface (Subsystem Console) . The administrative java servlets process commands from the administrative entry-point. From the information supplied in the commands, the administration servlets allow administrators to perform administrative tasks and configure plug-in modules. This interface is similar for the CA, DRM, OCSP, and TKS subsystems. While there are some common configuration types, there are different plug-ins available, depending on the kind of subsystem. The auditor shares the same interface with the administrator, except with the ability to view all configurations and logs, including audit logs; administrators cannot view audit logs.
The TPS subsystem does not have an administrative console; administrator tasks are performed through an HTML interface accessed through the agent services URL.
These servlets can return data in HTML or XML formats, making it easier for system administrators to write scripts which interact with these servlets. For more information, see Section 4.8, “Using Java Servlets”.