Certificate auto-enrollment

A single installation of EJBCA Enterprise removes the need to install and maintain multiple Microsoft Certificate Authorities (Microsoft Active Directory Certificate Services, ADCS). The seamless EJBCA integration with MS auto-enrollment works with all your Microsoft servers, workstations and mobile devices.

Contact sales Download Product Sheet

Combine the full flexibility of EJBCA Enterprise with Active Directory and remove the need for multiple Microsoft CAs 

Host as many CAs as you need

With multiforest and multitenant support, you are able to run your entire PKI in a single instance. Integral support for Azure as host allows for user authentication and publishing.

Consolidate your PKI use cases

Get a holistic view on your PKI and enable a harmonized security policy for all your use cases, whether in enterprise IT, IoT, finance or other areas - all in one comprehensive platform. 

On-premises or cloud 

Deploy EJBCA with certificate auto-enrollment as it suits your needs - either as an easy-to-use turn-key software or hardware appliance, or as a cloud or SaaS PKI.

Features of EJBCA Certificate Auto-enrollment

When using EJBCA with certificate auto-enrollment, the Microsoft clients and servers are configured to send certificate requests to EJBCA, instead of multiple ADCS instance, and EJBCA talks directly to Active Directory. 


PKI magic

Multitenancy is an integral part of EJBCA, as well as multiforest support. Certificate auto-enrollment is part of EJBCA’s enrollment stack and can thus leverage the platform’s easy and reliable clustering, including linear scalability. It is even possible to do rolling upgrades and maintenance, that is, while one node is shut down for maintenance, others continue to answer requests. For more information, see our documentation on Securing Your Microsoft Environment with EJBCA.  


Reliable and security-focused platform 

EJBCA is a Common Criteria-certified, open-source based PKI. A wide variety of HSMs are supported, including Azure Key Vault and the FIPS 140-2 Level 3-validated Azure Key Vault Managed HSM. EJBCA implements secure multitenancy, where many CAs and CA hierarchies can be hosted in on single server installation, access is managed with a role-based access system and log files are signed to ensure traceability. Standard high availability configurations and disaster recovery are available. EJBCA is proven in large deployments with millions of certificates. 



Supports all your PKI needs

Modern companies have a growing need for certificates, stretching from standard use cases in the corporate IT infrastructure, to manufacturing, IoT and DevOps. Most relevant standard protocols and APIs are supported, such as ACME, CMP, EST, REST and Web Services. This means that EJBCA can offer a broad support for certificate and revocation processes, automation, and integration into your application eco-systems. 


Deploy as you need

Deploy EJBCA Certificate auto-enrollment in the manner that suit you best, as on-premises hardware or software, in the Cloud as IaaS or SaaS. You can also get a hybrid deployment - combining on-premises and cloud to the optimal setup for your needs. 

EJBCA deployment options

To account for the unique business challenges of your organization, including security, budget and the availability of internal resources, PrimeKey offers a combination of deployment options to suit your needs today and allow you to grow flexibly over time. 


Software Appliance

Deploy your PKI in your own data center using your native virtualization resources. Select the HSM and the appliance model that best suit your needs.

EJBCA Software Appliance


Hardware Appliance

Select the EJBCA Hardware Appliance when you are looking for an on-premises PKI-in-a-box solution. EJBCA Hardware Appliance is a hardened, high-performance server that comes with the complete hardware and software stack and an HSM. 

EJBCA Hardware Appliance



Enjoy rapid deployment with PKI in a public cloud, with no hardware to purchase and maintain or any upfront software license costs. Our cloud-based PKI solutions are available in AWS and Azure.



EJBCA Software as a Service

If you are looking for a fully hosted and managed PKI solution, then EJBCA SaaS is your choice. It helps limit deployment risks and increase your speed to market.


Do you need a hybrid deployment? 

Do you want to combine on-premises and cloud? Or do you need help to find the best deployment option for your use case? See our documentation on hybrid PKI deployments or get in touch with us. 

More information

See the links for more information on EJBCA Certificate Auto-enrollment and related products. 

Contact us

Fill in your contact information below and we will get in touch with you.