HOME   Cart(0)   Quotation   About-Us Policy PDFs Standard-List
www.ChineseStandard.net Database: 189760 (18 Oct 2025)

GM/T 0037-2014 PDF English

US$160.00 · In stock · Download in 9 seconds
GM/T 0037-2014: Certificate authority system test specification
Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure
Status: Valid
Standard IDContents [version]USDSTEP2[PDF] deliveryName of Chinese StandardStatus
GM/T 0037-2014English160 Add to Cart 0-9 seconds. Auto-delivery Certificate authority system test specification Valid

Excerpted PDFs (Download full copy in 9 seconds upon purchase)

PDF Preview: GM/T 0037-2014
      

Similar standards

GB/T 15843.1   GA/T 1389   GM/T 0033   

GM/T 0037-2014: Certificate authority system test specification

---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GMT0037-2014
GM CRYPTOGRAPHY INDUSTRY STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 File No.. 44642-2014 Certificate authority system test specification Issued on: FEBRUARY 13, 2014 Implemented on: FEBRUARY 13, 2014 Issued by. State Cryptography Administration

Table of Contents

Foreword ... 4 1 Scope .. 5 2 Normative references ... 5 3 Terms and definitions ... 5 4 Abbreviations .. 6 5 Test object ... 6 6 Test Outline ... 6 7 Test environment .. 6 8 Test content ... 7 8.1 Site .. 7 8.2 Network ... 7 8.3 Post and access management ... 9 8.4 Security management ... 10 8.5 System initialization ... 10 8.6 System functions .. 10 8.7 System performance .. 13 8.8 Data backup and recovery ... 14 8.9 Third-party security products ... 14 8.10 Entry into root .. 15 8.11 Certificate format ... 15 8.12 Certificate chain.. 15 8.13 Algorithm ... 15 8.14 Protocol ... 15 8.15 Documents ... 15 9 Test method .. 15 9.1 Site ... 15 9.2 Network .. 16 9.3 Management of posts and authorization ... 17 9.4 Security management ... 18 9.5 System initialization ... 18 9.6 System functions .. 18 9.7 System performance .. 20 9.8 Data backup and recovery ... 20 9.9 Third-party security products ... 20 9.10 Entry into root .. 21 9.11 Certificate format ... 21 9.12 Certificate chain.. 21 9.13 Algorithm ... 21 9.14 Protocol ... 21 9.15 Documents ... 21 10 Qualification determination ... 21 10.1 Item qualification determination ... 21 10.2 Product qualification determination ... 22 Appendix A ... 23 A.1 Test objective ... 23 A.2 Physical areas and network structure of certificate authority system .. 23 A.3 Hardware and software configuration of certificate authority system ... 23 A.4 Module and function of certificate authority system ... 23 A.5 Test content ... 23 Appendix B ... 31 B.1 The network structure of CA when RA adopts C/S mode ... 31 B.2 the network structure of CA when RA adopts B/S mode .. 31 B.3 The connection between CA and remote RA .. 32 Appendix C ... 33 C.1 Certificate authority system computer room layout ... 33 C.2 Certificate authority system computer room placement diagram ... 33

Foreword

This Standard was drafted in accordance with the rules given in GB/T 1.1-2009. Attention is drawn to the possibility that some of the elements of this Standard may be the subject of patent rights. The issuing authority shall not be held responsible for identifying any or all such patent rights. This Standard was proposed by and shall be under the jurisdiction of Cryptography Industry Standardization Technical Committee. Drafting organizations of this Standard. Changchun Jida Zhengyuan Information Technology Co., Ltd., Shanghai Gale Software Co., Ltd., National Information Security Engineering Technology Research Center, Beijing Haitai Fangyuan Science and Technology Co., Ltd. Main drafters of this Standard. Liu Ping, Gao Li, Tian Jingqi, Jiang Yulin, Zhang Baoxin, Li Weiping, Zhao Lili, Zhu Guoxin, Yuan Feng, Tan Wuzheng, an Xiaojiang, Zhang Wantao, Wu Chenghua. Certificate authority system test specification

1 Scope

This Standard specifies the test contents and methods of certificate authority system. This standard is applicable to provide electronic authentication service for electronic signature and the inspection of development or building of certificate authentication service operation system in accordance with GM/T 0034-2014. It can also provide reference for the inspection of other certification systems.

2 Normative references

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. GM/T0014 Digital certificate authentication system cryptography protocol specification GM/T 0015 Digital certificate format based on SM2 algorithm GM/T 0034-2014 Specifications of cryptograph and related security technology for certification system based on SM2 cryptographic algorithm

3 Terms and definitions

The following terms and definitions apply to this document. 3.1 Certificate authentication system; CA A system that manages the entire life cycle of digital certificates such as issuing, distributing, updating, and revoking them. 3.2 Registration authority; RA The main function of registration authority that manages the entire process of digital certificate registration. It is also known as registration system. 3.3 CA certificate A certificate issued to a CA. It can be issued by the CA to itself or by another CA. The item test environment is the actual environment of the certificate authority system.

8 Test content

8.1 Site 8.1.1 Engineering construction Engineering construction shall meet the requirements of physical security in 8.5 of GM/T 0034-2014. 8.1.2 Physical areas The physical area of certificate authority system shall be divided into public area, service area, management area and core area. The storage and distribution server of certificate/ certificate logoff list, the LDAP / OCSP query server (if there is an OCSP query server) and the connected cryptographic machine, the registration management server and the connected cryptographic machine, intrusion detection or intrusion prevention detection equipment, vulnerability scanning equipment shall be located in server area; registration management terminal, registration audit terminal, certificate/ certificate logoff list generation and issuance management terminal, intrusion detection or intrusion prevention management console shall be located in the management area; the generation and issuance server of certificate/ certificate logoff list and the connected cryptographic machine, database server, the safe-box keeping key backup materials and media shall be placed in the core area; Firewall shall be placed between each of the areas. See Appendix C. The core area shall be the shielded computer room. The shielding effect shall meet the requirements of 8.5.2.5 in GM/T0034-2014. The sequence of entering each area is. the management area, service area, core area. The device's name in the system shall be labeled at a prominent location on the devices placed in each area, such as issuance server, registration server, etc. Monitoring probe, fire probe and access control system shall be set up in each area; and monitor room shall be set up to monitor each area in real time. This article applies to item test only. 8.2 Network 8.2.1 Network structure b) There shall be corresponding response strategies for security events detected by vulnerability scanning; c) The vulnerability repository shall be updated in a timely manner. 8.2.2.4 Virus control The main security strategies for the virus control configured for the system are. a) Deploy antivirus products to key servers and operations, management terminals; b) There shall be corresponding response strategies for security events detected by antivirus products; c) The virus repository shall be updated in a timely manner. 8.2.2.5 Cryptographic machine The cryptographic machine shall be connected to the server via an independent physical port. The cryptographic machine shall be the product approved by the national cryptographic management department. 8.3 Post and access management 8.3.1 Issuance system 8.3.1.1 Super administrator The super administrator shall be set up, which is generated when the system is initialized and is responsible for the strategy management of the system and the management of the business administrators of the system. 8.3.1.2 Audit administrator The audit administrator shall be set up, which is generated when the system is initialized and is responsible for the auditor management of the system. 8.3.1.3 Business administrator The business administrator shall be set up and authorized by the super administrator. It is responsible for the management of business operators. 8.3.1.4 Business operator The business operator shall be set up and authorized by the business administrator It is responsible for user certificate repository management, data backup/ recovery, etc. 8.6.1.1 Input of application information It shall be able to provide the interface to input and modify the certificate application information. It shall be able to select the key type and length of the application digital certificate AND support the import of a batch of certificate application information. The system shall enable the operators to sign their actions automatically. 8.6.1.2 Review of application information It shall be able to provide an interface for the review of the application information. It ... ......
Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.


      

Tips & Frequently Asked Questions

Question 1: How long will the true-PDF of English version of GM/T 0037-2014 be delivered?

Answer: The full copy PDF of English version of GM/T 0037-2014 can be downloaded in 9 seconds, and it will also be emailed to you in 9 seconds (double mechanisms to ensure the delivery reliably), with PDF-invoice.

Question 2: Can I share the purchased PDF of GM/T 0037-2014_English with my colleagues?

Answer: Yes. The purchased PDF of GM/T 0037-2014_English will be deemed to be sold to your employer/organization who actually paid for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. www.ChineseStandard.us -- GM/T 0037-2014 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds.

How to buy and download a true PDF of English version of GM/T 0037-2014?

A step-by-step guide to download PDF of GM/T 0037-2014_EnglishStep 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD).
Step 2: Search keyword "GM/T 0037-2014".
Step 3: Click "Add to Cart". If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart.
Step 4: Select payment option (Via payment agents Stripe or PayPal).
Step 5: Customize Tax Invoice -- Fill up your email etc.
Step 6: Click "Checkout".
Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively.
Step 8: Optional -- Go to download PDF.
Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice.
See screenshots for above steps: Steps 1~3    Steps 4~6    Step 7    Step 8    Step 9