About the Identity Manager ADCS integration
This article is valid for Smart ID 20.11 and later.
In the communication between Smart ID Identity Manager and the ADCS, the following components are involved:
Identity Manager Server
- The Identity Manager server contains CA-Server and CA-Name, and connects directly to the Connector ADCS.
- The integrated CA Proxy connector is used as proxy for the client machines.
IIS Webserver - Connector ADCS
- The IIS Webserver with the ADCS Connector does not need to be installed on the ADCS-Server, but on a server in the same domain.
- Identity Manager authenticates with a client certificate on the ADCS Connector.
- The ADCS Connector uses a Domain Service Account, which has the required rights in ADCS.
Certificate Authority (CA)
- This is the ADCS server. The Domain Service Account of the connector is used to request and publish certificates from and to the CA.