# Key Components emCA suite has following Solution components ### Certificate Manager – emCA Handles the full certificate lifecycle (issuance, renewal, revocation, archival). * Manages certificate lifecycle: issuance, renewal, revocation. * Role-based access control and M-of-N separation of duties. * Multi-factor authentication using token-based certificates. * Protocol support: SCEP, CMP, EST for automated issuance. * Certificate Transparency support. * CSR signing and cross-certification workflows. * Multi-HSM support (PKCS#11 compliant). * OCSP certificate generation and management. * Mobile PKI support. ### User Enrolment – emRA Manages KYC data and certificate requests across RAs. * Decentralized portals for RA-wise KYC and certificate requests. * Configurable vetting profiles and verification checklists. * Role-based dashboards with RA-level data segregation. * Strong authentication: password policies and 2FA. * Subscriber self-service for certificate management. * Integration with email/SMS notifications, video and document-upload verification. * eSign-enabled, paperless enrolment workflows. ### Online Certificate Status Protocol (OCSP) Provides real-time certificate status checking. * Response generation per RFC 6960/5019 and CA/B Forum rules. * HSM-based signing key storage. * Real-time record display and archival. ### Time Stamping Module Issues RFC 3161/5816-compliant timestamps. * Time-source integration (GPS - Global Positioning System, NTP – Network Time Protocol, NPL - National Physical Laboratory). * TST generation and signature by internal TSA. * Audit logging of timestamp events. * Policy-based issuance exclusively for internal use. ### Key Management Module Oversees cryptographic key generation, rotation, and retirement. * Secure key creation. * Rotation and expiry policies. * Integration with FIPS-compliant HSMs. ### Hardware Security Module Integration Supports hardware-backed key storage and operations. * Private-key protection in hardware. * Hardware-based cryptographic functions. * Resistance to physical and logical tampering. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://emca.emudhra.com/key-components.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.