Axway Validation Authority (VA) Suite

Safeguard your PKI environment with real-time validation of digital certificates and access permissions


Need to protect high-value assets in a PKI environment?

Let’s talk.


Your email will not be shared or sold to a third party. Axway respects your privacy.

Axway Validation Authority (VA) Suite protects Public Key Infrastructures (PKIs) by first determining whether people are who they say they are, and if their digital certificates are valid and current, and then verifying which secure applications, networks, and locations the owner of a valid digital certificate is authorized to access at any given point in time.

VA Suite consists of several components that provide a flexible and robust certificate validation solution for both standard and custom desktop and server applications. These components may be used together or, leveraging open standards, integrated with existing solutions using OCSP or SCVP (RFC 5055).

Axway VA Suite Key Capabilities

Implement a robust, flexible, and CA-neutral certificate validation solution with broad standards support

Axway Identity Validation Suite is CA-neutral and supports all widely adopted international security standards and open technologies:

  • Certified to meet Common Criteria (EAL 3), FIPS 201, NIST PDVAL, FIPS 140-2, and DoD JITC standards
  • OCSP and SCVP compliant (RFC 2560, RFC 5055)
  • Entrust-ready and IdenTrust-compliant
  • Part of the IdenTrust, SWIFT Trust Act, BACS, and Global Trust Authority financial trust infrastructures
  • Interoperable with leading cryptographic hardware, including products certified to FIPS 140-2 Level 3 and 4, as well as smart cards such as the DoD Common Access Card and the Federal Personal Identity Verification Card or national eID-card

Prevent revoked credentials from being used for secure email, smart card login, network access (including wireless) or other sensitive electronic transactions

Axway VA Server is a sophisticated digital certificate status responder that processes client digital certificate status queries using a variety of protocols, including OCSP, SCVP, CMP, and VACRL.

VA Server maintains a store of digital certificate revocation data by obtaining the Certificate Revocation List (CRL) from the issuing CA. To validate a digital certificate, a client application can simply query the VA Server rather than performing the cumbersome task of obtaining and processing the entire CRL every time it encounters a digital certificate.

Enable digital certificate validation on secure Web and application servers

VA Server Validator is a flexible client application that enables digital certificate validation on UNIX, Windows and Apple platforms, including:

  • Apache
  • Oracle Application Server 
  • Red Hat Strong Hold
  • BEA WebLogic
  • IBM Lotus Domino

Working as a plug-in, VA Server Validator can query a VA Server (or any other standards-based digital certificate validation responder) or utilize a CRL to determine the status of a digital certificate presented by a client. Clients with revoked or expired certificates are denied access to the server or application.

Enable digital certificate validation in Windows-based desktop and server applications

VA Desktop Validator is a flexible client solution that enables digital certificate validation in the most commonly used Microsoft Windows-based desktop and server applications. VA Desktop Validator integrates seamlessly with any Microsoft Cryptographic API (CAPI)-compliant client or server application.

Deploy VA Server Appliances in distributed environments

VA Server Appliances are hardware-software repeater and responder solutions that can be installed in less than 30 minutes, and deliver the lowest total cost of ownership for distributed computing environments.

Save development time and money with VA Validator Toolkits

VA Validator Toolkits provide a complete set of certificate validation functions, source code examples and reference manuals. The VA Validator Toolkits can save development time and money for commercial or custom PKI-enabled applications, such as network and handheld devices, physical security systems and workflow applications.

Explore full specs, features and benefits.


“OCSP, through Axway’s Validation Authority, enables us to offer a rock-solid base for the validation of the signatures for every single message that passes through the system.”

Read Success Story