EJBCA is an open source PKI (public key infrastructure) solution. Its enterprise version is developed and supported by PrimeKey, one of our partners. We can help you to deploy both the enterprise version (EJBCA EE) and the community version (EJBCA CE).
EJBCA: benefits of the enterprise version
- Compliance with certifications and regulations: EAL4+ certified (https://www.ssi.gouv.fr/certification_cc/ejbca-version-5-0-4/) and eIDAS-compliant (qualified PSD2 certificates included)
- Advanced features (non-exhaustive list):
- Integrity protection for the whole database and logs
- Automatic synchronization of the OCSP responder with the PKI
- CMP protocol support
- Microsoft’s native auto-enrollment protocol support
- ACME protocol support (https://tools.ietf.org/html/rfc8555)
- Management REST API
- SCEP protocol support (RA and certificate renewal mode)
- Rapid security updates
- Level-3 support
As a reseller and integrator of the PrimeKey EJBCA EE solution, we implement it and provide level-1 and -2 support. We also coordinate level-3 support, provided by PrimeKey.
Digitalberry can help you at each stage of implementing the EJBCA PKI solution:
- Organization of workshops: business scenarios, certification hierarchy, certification templates, secret holders and profiles, functional and technical architecture, use case in your business applications
- Preliminary studies: functional specifications, technical architecture
- PKI deployment in the different environments (acceptance, qualification, pre-production, production)
- Migration of an old PKI to EJBCA EE or EJBCA CE
- Integration with your information system: dockerizing, implementation of an active and a passive branch, configuration of network equipment, integration with an HSM, integration with Active Directory, etc.
- Functional and technical acceptance
- Key ceremony
- Project owner support: installation and configuration documents, acceptance test file, runbook, script development for automating operating tasks, guide for operators, administrators and users
- Training and training support: cryptography, certificates and PKI