A CKMS component that performs one or more of the following functions: The acquisition or generation of public key certificates, The initial establishment of keying materials (including its generation and distribution), The maintenance of a database that maps end entities to an organization's certificate/key structure, Key backup, archiving, inventory or recovery, The maintenance and distribution of key compromise lists and/or certificate revocation lists (i.e., Revoked Key Notifications), and The generation of audit requests and the processing of audit responses as necessary for the prevention of undetected compromises.
Sources:
NIST SP 800-57 Part 2 Rev.1
under Key processing facility