LDAP is an acronym which stands for Lightweight Directory Access Protocol. This is a database protocol used for the updating and searching of the directories which run over the TCP/IP network protocol (this is the network protocol which is primarily used by the PKI infrastructure).
It is the job of the LDAP server of the Public Key Infrastructure to contain information and data as it relates to the digital certificates and the public and the private key storage locations, as well as the matching public and private key labels.
The Certificate Authority uses a combination of the end user name and the matching tags to specifically locate the digital certificates on the LDAP server. From that point onwards, the LDAP server checks to see if the requested digital certificate is valid or not, and it if it is valid, it then retrieves a digital certificate which can then be sent to the end user.
Although all digital certificates have a finite lifespan when they are first issued, they can also be revoked for any reason at any time by the Public Key Infrastructure Administrator.
