• Default CA Audit Events

• PKI 10.6 Default CA Audit Events

• PKI 10.5 Default CA Audit Events

There are two types of CAs:

• the host CA is the primary CA that runs in the CA subsystem

• Lightweight CA are subordinate CAs under the host CA that are also running in the same CA subsystem

Each of the above CA’s has a unique ID called '''authority ID'''. For host CA, the authority ID can be omitted.

When the PKI server is started, the server will generate signing info logs for each CA to indicate which keys are used for certificate signing, OCSP signing, and CRL signing. When a new lightweight sub-CA is added, the server will also generate the signing info logs for the new sub-CA.

• CERT_SIGNING_INFO

• OCSP_SIGNING_INFO

• CRL_SIGNING_INFO

• CONFIG_CRL_PROFILE

• CONFIG_CERT_PROFILE

• PROFILE_CERT_REQUEST

• CERT_PROFILE_APPROVAL

• CERT_REQUEST_PROCESSED

• CERT_STATUS_CHANGE_REQUEST

• CERT_STATUS_CHANGE_REQUEST_PROCESSED

• CMC_SIGNED_REQUEST_SIG_VERIFY

• SCHEDULE_CRL_GENERATION

• DELTA_CRL_GENERATION

• DELTA_CRL_PUBLISHING

• FULL_CRL_GENERATION

• FULL_CRL_PUBLISHING

• CRL_RETRIEVAL

• CRL_VALIDATION

• OCSP_GENERATION

• CONFIG_SERIAL_NUMBER

• RANDOM_GENERATION

• SECURITY_DOMAIN_UPDATE