EJBCA Validation Authority

The EJBCA Validation Authority (VA) software component enables certificate validation using OCSP or CRLs.

Contact sales Download Product Sheet

Real-time certificate validation

OCSP Responder or CRL

Certificate validity can be verified by either using an OCSP Responder or a certificate and CRL distribution feature.

PKI-independent

The EJBCA Validation Authority can provide validation services for any certificate authority software, including EJBCA, through automated CRL imports, or with real-time updates when connected to EJBCA.

On-premises or cloud 

Deploy the Validation Authority as it suits your needs - either as a turn-key software or hardware appliance, or in the cloud. 

Features of EJBCA Validation Authority

Validation is conveniently performed with PrimeKey’s open source EJBCA Validation Authority (VA). The EJBCA VA offers several advantages through its use of both an OCSP Responder and a Certificate and CRL distribution feature.

complete-720×720

The most comprehensive VA solution 

The mainstay of any Validation Authority is the Online Certificate Status Protocol (OCSP) responder. Through the VA, clients can instantly request the revocation status of individual certificates, without the need to download the full Certificate Revocation List (CRL). Meanwhile, CRLs and CA certificate distribution are also available.

flexible-720×720

No vendor lock-in

The EJBCA VA can provide certificate revocation services to any PKI, including EJBCA. It is developed on the same flexible and robust platform as EJBCA but packaged as a stand-alone component. The EJBCA VA smoothly accommodates every organization’s requirement.

scalable-720×720

Enterprise scalability

EJBCA Validation Authority has support for the leading Hardware Security Modules (HSMs) and allows easy and reliable clustering. This ensures linear scalability. It is even possible to shut down a node for maintenance, while other nodes continue to answer requests. The EJBCA Validation Authority contains a built-in monitoring facility, ensuring that the responder is functioning properly at all times. High performance is ensured; more than 500 requests per second can be achieved on a single server.

secure-720×720

Security by design

The Common Criteria-certified platform offers highly configurable audit and transaction logging, a built-in health check used for load balancing and monitoring, and configurable requirements for signed requests, authorized signers, and so on. When there is a need to keep the CA in an enclosed environment with limited access and the VA in a DMZ or even publicly, secure communication can be ensured by using the EJBCA Peers Systems protocol, which is based on mutually authenticated TLS. 

Read more on Doc

 

EJBCA deployment options

To account for the unique business challenges of your organization, including security, budget and the availability of internal resources, PrimeKey offers a combination of deployment options to suit your needs today and allow you to grow flexibly over time. 

software-white-02-720×720

Software Appliance

Deploy your PKI in your own data center using your native virtualization resources. Select the HSM and the appliance model that best suit your needs.

EJBCA Software Appliance

hardware-white-720×720

Hardware Appliance

Select the EJBCA Hardware Appliance when you are looking for an on-premises PKI-in-a-box solution. EJBCA Hardware Appliance is a hardened, high-performance server that comes with the complete hardware and software stack and an HSM. 

EJBCA Hardware Appliance

ejbca-cloud-white-720×720

EJBCA Cloud

Enjoy rapid deployment with PKI in a public cloud, with no hardware to purchase and maintain or any upfront software license costs. Our cloud-based PKI solutions are available in AWS and Azure.

EJBCA Cloud

EJBCA-Software-white-720×720

EJBCA Software as a Service

If you are looking for a fully hosted and managed PKI solution, then EJBCA SaaS is your choice. It helps limit deployment risks and increase your speed to market.

EJBCA SaaS

Do you need a hybrid deployment? 

Do you want to combine on-premises and cloud? Or do you need help to find the best deployment option for your use case? See our documentation on hybrid PKI deployments or get in touch with us. 

 

Contact us

More information

See the links for more information on EJBCA Validation Authority and related products. 

Related products

EJBCA Enterprise

EJBCA Registration Authority

Certificate auto-enrollment

Identity Authority Manager

Contact us

Fill in your contact information below and we will get in touch with you.

This website uses cookies

Cookies consist of small text files. They contain data that is stored on your device. To enable us to place certain types of cookies we need to obtain your consent. At PrimeKey AB, corp. ID no. 556628-3064, we use the following kinds of cookies. To read more about which cookies we use and storage times, click here to access our cookies policy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that must be placed for basic functions to work on the website. Basic functions are, for example, cookies which are needed so that you can use menus on the website and navigate on the site.

Functional cookies

Functional cookies need to be placed on the website in order for it to perform as you would expect. For example, so that it recognizes which language you prefer, whether or not you are logged in, to keep the website secure, remember login details or to be able to sort products on the website according to your preferences.

Cookies for statistics

For us to measure your interactions with the website, we place cookies in order to keep statistics. These cookies anonymize personal data.

Cookies for ad-tracking

To enable us to offer better service and experience, we place cookies so that we can provide relevant advertising. Another aim of this processing is to enable us to promote products or services, provide customized offers or provide recommendations based on what you have purchased in the past.
Confirm choices Accept all