In the connected society, as the need for trusted data keeps increasing, it is more and more obvious that security and PKI are crucial for all kinds of businesses and organizations. The open source and multipurpose software EJBCA Enterprise supports many integrations and automation possibilities, and issues certificates to humans, servers and IoT devices.
The world’s most used PKI
Flexible and scalable
EJBCA supports a wide variety of public key infrastructure (PKI) use cases, scenarios, and integrations into other application ecosystems, and is proven in large deployments worldwide.
Built on open standards and a Common Criteria-certified open source platform, EJBCA brings the transparency and commitment you need for a long-term security solution.
On-premises, cloud or SaaS
Deploy EJBCA as it suits your needs - either as a turn-key software or hardware appliance, or as a cloud or SaaS PKI.
- EJBCA founder and PrimeKey CTO
What PKI offers
By use of digital certificates, all persons, servers and devices in a PKI solution have a unique and secure identity.
With the help of PKI and certificates, all data that is transmitted over unsecured networks is encrypted and safe from unauthorized access.
Digital signing of code, time and documents ensures the authenticity of any data in transit and when at rest.
Features of EJBCA Enterprise
The PKI platform EJBCA Enterprise offers certificate issuing and management, to provide you with trusted identities and secure communication for any use case scenario. EJBCA Enterprise is multitenant and supports multiple Certificate Authorities (CAs) and levels of CAs within one software instance.
Able to protect virtually any use case and area of technology, our EJBCA Enterprise software meets all your needs for Public Key Infrastructure (PKI) and provides various options to let you find the most cost-efficient solution. PrimeKey offers EJBCA as a turn-key software or hardware appliance, or as a cloud or SaaS PKI.
The flexibility and robustness of EJBCA Enterprise provide the capability to serve both small-scale and large-scale, enterprise implementations with millions of users or devices in high availability environments, by support for various deployment options, centralized operations and a high level of automation.
EJBCA Enterprise follows best practices, with detailed, signed audit and transaction logs, role-based authorization and extensive support for hardware security modules. It is Common Criteria certified and already deployed at numerous ETSI/eIDAS- and WebTrust-audited and ePassport reference customers.
With proven integrations into application ecosystems, including IoT devices and DevOps tools, via support for multiple protocols and formats, EJBCA Enterprise is there all along the way on your digitalization journey. See also PKI and Signature Services for Microservices and DevOps Environments.
EJBCA deployment options
To account for the unique business challenges of your organization, including security, budget and the availability of internal resources, PrimeKey offers a combination of deployment options to suit your needs today and allow you to grow flexibly over time.
Deploy your PKI in your own data center using your native virtualization resources. Select the HSM and the appliance model that best suit your needs.
Select the EJBCA Hardware Appliance when you are looking for an on-premises PKI-in-a-box solution. EJBCA Hardware Appliance is a hardened, high-performance server that comes with the complete hardware and software stack and an HSM.
Enjoy rapid deployment with PKI in a public cloud, with no hardware to purchase and maintain or any upfront software license costs. Our cloud-based PKI solutions are available in AWS and Azure.
EJBCA Software as a Service
If you are looking for a fully hosted and managed PKI solution, then EJBCA SaaS is your choice. It helps limit deployment risks and increase your speed to market.
Do you need a hybrid deployment?
Do you want to combine on-premises and cloud? Or do you need help to find the best deployment option for your use case? See our documentation on hybrid PKI deployments or get in touch with us.
EJBCA product components
EJBCA comes with or can be used together with the following advanced tools to enroll for and validate certificates:
EJBCA Registration Authority
The EJBCA Registration Authority (RA) is an external entity to the Certificate Authority (CA) for enrollment of any certificate type, allowing for an additional layer of security around the CA.
EJBCA Validation Authority
EJBCA Validation Authority (VA) enables online certificate verification by use of OCSP or CRLs.
With the Certificate Auto-enrollment feature in EJBCA Enterprise, you can remove any need to use Microsoft CAs and completely leverage the full flexibility of EJBCA Enterprise and Active Directory.
Identity Authority Manager
Industrial-grade PKI Registration Authority (RA) hardware that can be used together with EJBCA to issue product certificates directly on the manufacturing floor.
EJBCA eIDAS edition
With EJBCA eIDAS edition as hardware or software appliance, you get a complete feature set to operate a full-blown eIDAS-compliant Public Key Infrastructure (PKI).
Read more about our eIDAS solutions
Migrating to Microsoft Azure with a Modern PKI
Enlightened enrollment: The book of five certificate enrollment protocols
EJBCA, Microsoft and open source: How Azure brought everything together
Customer stories for EJBCA Enterprise
EJBCA Enterprise, Telecom
Powering 5G innovation through security, open standards and flexible integration
EJBCA Enterprise, Enterprise, Trust Service Provider
Bundesnotarkammer – Innovation and security in German notaries
EJBCA Enterprise, Enterprise, Trust Service Provider
Securing and enabling German healthcare
Bank & Finance, EJBCA Enterprise, Trust Service Provider
Bank-Verlag – Launching an eIDAS-compliant trust center for the German banking industry
EJBCA Enterprise, PKI migration, Trust Service Provider
Swisscom – Becoming eIDAS compliant and migrating from RSA to EJBCA Enterprise
Solutions based on EJBCA
Supply Chain Security
Ensure product integrity and security with trusted digital identities from birth
Securing IoT and IIoT devices
Protect data and devices when connecting your solution to untrusted networks
Produce and verify ePassports with our dedicated PKI solution
See the links for more information on EJBCA Enterprise.
Fill in your contact information below and we will get in touch with you.