EJBCA Enterprise

EJBCA Enterprise covers all your needs for Public Key Infrastructure (PKI) and Certificate Management.

EJBCA Enterprise and PKI, Public Key Infrastructure

With any connected person or device, a key feature in most business solutions today, there is a need to assure that you know who you are talking to, that the data you are sending is safe from manipulation and that only authorized users have access to the data. This is the foundation of Public Key Infrastructure (or PKI), enabling authentication, encryption and signing. As the worlds most used PKI software, EJBCA Enterprise provides you with the basic security services for secure communication in any environment and use case.

PKI Development

Authentication

Through digital certificates all persons and devices in a PKI solution have a unique and secure identity.

Encryption

With the help of public and private keys, all data in a PKI solution is encrypted and safe from tampering.

Signing

Signing code, time, documents etc. ensures the authenticity of any data in a PKI solution.

Flexible CA, Certificate Authority, software

EJBCA Enterprise is a multipurpose PKI software that supports multiple CAs and levels of CAs to enable you to build a complete infrastructure (or several) for multiple use cases within one instance of the software.

Different use cases have different requirement on how registration, initial enrollment and life-cycle management should be performed. EJBCA Enterprise enables multiple integration and automation possibilities and issues certificates to persons, infrastructure components and IoT devices. EJBCA Enterprise is flexible, scalable and secure and is installed at numerous ETSI/eIDAS-, WebTrust audited and ePassport reference customers. EJBCA Enterprise offers Certificate Authority, Registration Authority and Validation Authority (OCSP and CRL) functionality.

CTO PrimeKey
Code computer

A connected society requires robust security

We live in a connected society and new business opportunities can be explored every day thanks to the availability of the data. Data is collected and analyzed from millions of devices and leveraged for short- and long term decisions. Many devices are managed and updated remotely, enabling more cost efficient maintenance and new dimensions of agility.

This new world of connected devices unfortunately also invites new and more extensive cyber-threats. An excellent opportunity can quickly turn into a major failure if security is left lacking. Trust and reliability are important aspects for all to consider in order to protect your investment, your customers and your reputation.

PKI with EJBCA Enterprise

PrimeKey’s extendable PKI covers all demands for efficient and reliable issuing and management of digital identities for persons, infrastructure components and other devices. Today and tomorrow.

Cost efficient end-to-end security works, if you do it the right way.

Able to protect virtually any area of technology and use case, our EJBCA Enterprise software is used to meet all your needs for Public Key Infrastructure (PKI). PrimeKey’s EJBCA Enterprise comes as flexible software, as an easy-to-use turn-key PKI Appliance, or as an instance in the Cloud. But technology isn’t everything, for proper security you need to think of organization, architecture and how it all fits your business solution. PrimeKey has extensive experience in implementing PKI solutions in many types of organizations all over the globe and can assist you along the way.

Security Infrastructure for any use case

Commonly referred to as a Certificate Authority (or CA), EJBCA Enterprise PKI is an open source IT-security software for Certificate Issuance and Certificate Management, used for secure communication in any environment. To properly enable security through certificates, EJBCA Enterprise  also includes both Registration Authority (RA) and Validation Authority (VA) functionality.

Extremely flexible, EJBCA Enterprise is used for most imaginable PKI use cases and scenarios. The solution can be found in face-to-face issuing workflows as well as in highly automated processes via standard protocols and interfaces.

Controlling your own security

EJBCA Enterprise follows best practice Common Criteria EAL4+ security evaluation standard, it has detailed and signed audit and transaction logs, role-based authorization, extensive support for hardware security modules and is designed for scalability and reliability. This is the one PKI software for any organization that needs to manage and operate a serious PKI. In addition, EJBCA Enterprise is already deployed by numerous ETSI/eIDAS- and WebTrust audited reference customers.

Bundled with support and services, EJBCA Enterprise allows you to handle and maintain your PKI implementation successfully, independently of your level of skills.

Deployment options – Software, Appliance, Cloud or Hybrid

PrimeKey understands that organizations have unique business challenges, including security requirements, budgets and the availability of internal resources. We give you the choice of and the choice to combine – Software, hardware Appliance and Cloud deployments for your PKI solution. This means the infrastructure can be deployed in the manner best suited to your business needs and can grow flexibly and expand over time.

Your deployment options

Flexibility at all levels

EJBCA Enterprise is for all professional users, in all types of companies and you can enjoy the greatest flexibility of deployment options. Enable certain PKI functions in the cloud, as appropriate, while benefiting from being in control of other PKI functions with on-premises software or appliance deployments. EJBCA Enterprise gives you full control of everything you do.

The robustness of EJBCA Enterprise provides the capability of serving both small-scale and larger implementations with millions of users or devices in high availability environments without compromising on security.

Built on open standards, an open source platform and a large installed base all around the world EJBCA Enterprise brings the maturity, transparency and commitment required for any security focused PKI solution.

PrimeKey Focused working

Key features

Lowest Total Cost of Ownership (TCO)

  • Security by design by following the best practice Common Criteria EAL4+ security evaluation standard
  • Mature and widely proven source code
  • Comprehensive strategic engineering services
  • Short project duration, with fast project deployment

High Security and Reliability

  • Common Criteria EAL4+ certified
  • Detailed audit and transaction logs
  • Role-based authorization
  • Hardware security modules
  • Designed for scalability and reliability
  • Service availability across maintenance windows
  • Scalability and availability using clusters 

Flexibility

  • Configurable certificate profiles (X.509, eIDAS, PSD2, CVC, RFC5280, RFC 6962, EV Certificate
  • Certificate Authority, Registration Authority and Validation Authority (OCSP and CRL) functionality
  • Integration interfaces (REST, WebServices, ACME, CMP, EST, SCEP, etc.)
  • Multi-use case and multi-tenant platform
  • Flexible deployment options
  • Supports most major databases

Audit Compliance

  • ETSI/CWA-compliant and WebTrust-compliant references

Support and maintenance

PrimeKey developers are passionate about maintaining the high quality of EJBCA through continuous updates and upgrades. Each new release contains improvements and upgrades to the EJBCA functionality, improving the software and keeping it up to date with current regulations. By subscribing to PrimeKey support and maintenance you will automatically gain access to these new releases and upgrades, ensuring the highest quality of your PKI implementation.

As with any software, and especially with security software, it is important to keep EJBCA updated with continuous releases and security patches. Having a subscription to PrimeKey Support will not only give you access to new upgrades and features but also ensure that your software is kept up to date when it comes to security. In short, PrimeKey Support will keep your software at the highest security standards.

Through a PrimeKey Support subscription, both your management and your customers can sleep sound, assured that audit and policy requirements are fulfilled. And in case of issues with your PKI, or simply new demands on it, you have timely access to, and support from, our skilled PKI professionals.

Read more about PrimeKey Support

Explaining PKI
Explaining PKI

Training

PrimeKey’s training courses are tailored solely toward our customers that utilize PrimeKey PKI Technology. Our state-of-the-art trainings are suitable to advanced users such as technicians, engineers, developers, specialists and system architects.

Regardless of prior level of knowledge, any member of your PKI crew can benefit greatly from our Enterprise Training Courses.

We are very satisfied with the training course and it has met our needs, says Allen Liang, Feitian Technologies Ltd.

Product Sheet Training

 

EJBCA training

Each tailored real-life course facilitates the different steps of your specific project, and may later on prove crucial to your progress and ability to succeed in challenging circumstances. As participants learn basic and advanced features and have their PKI managing skills increase, they will learn to

  • ease software evaluation and get the most out of any PKI project.
  • build and deploy your PKI timely and with minimal risk.
  • minimize unplanned downtime.

Contact us

Fill in your contact information below and we will get in touch with you.

    I accept that PrimeKey stores my information, and I accept cookies for analysis and business identification. Read more about cookies and privacy policy here.

Certificate Autoenrollment

Combine the full flexibility of EJBCA Enterprise with Active Directory.

With the Certificate Autoenrollment for EJBCA Enterprise you can add several templates and match them with EJBCAs Profiles, and you can support multiple use cases. Yes, you can now run this add-on on a Linux server, if you like to.

Product Sheet

RA – Registration Authority

A sophisticated toolbox for a user to enroll any certificate type.

The EJBCA RA provides a sophisticated toolbox for a user to enroll for any certificate type, whether predefined or defined on the CA, either by submitting a Certificate Signing Request (CSR) to have a local key pair signed, or by requesting a certificate based on a key pair stored on the CA.

Product Sheet

VA – Validation Authority

EJBCA Validation Authority (VA) enables on-line verification of authentication and digitally signed transactions.

Read more