System information
Token Processing System.
The Token Processing System (TPS) acts as a registration authority for authenticating and
processing smart card enrollment requests, PIN reset requests, and formatting requests from
the Enterprise Security Client.
1.2. Certificate System Users
Three kinds of users can access Certificate System subsystems: administrators, agents, and
end entities. Administrators are responsible for the initial setup and ongoing maintenance of the
subsystems. Administrators can also assign agent status to users. Agents manage day-to-day
interactions with end entities, which can be users or servers and clients, and other aspects of
the PKI. End entities must access a Certificate Manager (CM) subsystem to enroll for
certificates in a PKI deployment and for certificate maintenance, such as renewal or revocation.
Figure 2.1, “The Certificate System and Users” shows the ports used by administrators, agents,
and end entities. All agent and administrator interactions with Certificate System subsystems
occur over HTTPS. End-entity interactions can take place over HTTP or HTTPS.
Certificate System Users
7