EJBCA® Enterprise

In the connected society, as the need for trusted data keeps increasing, it is more and more obvious that security and PKI are crucial for all kinds of businesses and organizations. The open source and multipurpose software EJBCA Enterprise supports many integrations and automation possibilities, and issues certificates to humans, servers and IoT devices.

Contact us Download Product Sheet

The world’s most used PKI

Flexible and scalable

EJBCA supports a wide variety of public key infrastructure (PKI) use cases, scenarios, and integrations into other application ecosystems, and is proven in large deployments worldwide.

Open source

Built on open standards and a Common Criteria-certified open source platform, EJBCA brings the transparency and commitment you need for a long-term security solution. 

On-premises, cloud or SaaS

Deploy EJBCA as it suits your needs - either as a turn-key software or hardware appliance, or as a cloud or SaaS PKI.

EJBCA-Tomas-Gustavsson

Tomas Gustavsson
- EJBCA founder and PrimeKey CTO

What PKI offers

Authentication

By use of digital certificates, all persons, servers and devices in a PKI solution have a unique and secure identity.

Encryption

With the help of PKI and certificates, all data that is transmitted over unsecured networks is encrypted and safe from unauthorized access.

Signing

Digital signing of code, time and documents ensures the authenticity of any data in transit and when at rest.

Features of EJBCA Enterprise

The PKI platform EJBCA Enterprise offers certificate issuing and management, to provide you with trusted identities and secure communication for any use case scenario. EJBCA Enterprise is multitenant and supports multiple Certificate Authorities (CAs) and levels of CAs within one software instance.

cost-efficient-icon-720×720

Cost-efficient security

Able to protect virtually any use case and area of technology, our EJBCA Enterprise software meets all your needs for Public Key Infrastructure (PKI) and provides various options to let you find the most cost-efficient solution. PrimeKey offers EJBCA as a turn-key software or hardware appliance, or as a cloud or SaaS PKI.

scalable-720×720

Scalable

The flexibility and robustness of EJBCA Enterprise provide the capability to serve both small-scale and large-scale, enterprise implementations with millions of users or devices in high availability environments, by support for various deployment options, centralized operations and a high level of automation.

compliant-720×720

Enables compliance

EJBCA Enterprise follows best practices, with detailed, signed audit and transaction logs, role-based authorization and extensive support for hardware security modules. It is Common Criteria certified and already deployed at numerous ETSI/eIDAS- and WebTrust-audited and ePassport reference customers.

integration-720×720

Integrates well

With proven integrations into application ecosystems, including IoT devices and DevOps tools, via support for multiple protocols and formats, EJBCA Enterprise is there all along the way on your digitalization journey. See also PKI and Signature Services for Microservices and DevOps Environments. 

Read more in the EJBCA documentation

EJBCA deployment options

To account for the unique business challenges of your organization, including security, budget and the availability of internal resources, PrimeKey offers a combination of deployment options to suit your needs today and allow you to grow flexibly over time. 

software-white-02-720×720

Software Appliance

Deploy your PKI in your own data center using your native virtualization resources. Select the HSM and the appliance model that best suit your needs.

EJBCA Software Appliance

hardware-white-720×720

Hardware Appliance

Select the EJBCA Hardware Appliance when you are looking for an on-premises PKI-in-a-box solution. EJBCA Hardware Appliance is a hardened, high-performance server that comes with the complete hardware and software stack and an HSM. 

EJBCA Hardware Appliance

ejbca-cloud-white-720×720

EJBCA Cloud

Enjoy rapid deployment with PKI in a public cloud, with no hardware to purchase and maintain or any upfront software license costs. Our cloud-based PKI solutions are available in AWS and Azure.

EJBCA Cloud

EJBCA-Software-white-720×720

EJBCA Software as a Service

If you are looking for a fully hosted and managed PKI solution, then EJBCA SaaS is your choice. It helps limit deployment risks and increase your speed to market.

EJBCA SaaS

Do you need a hybrid deployment? 

Do you want to combine on-premises and cloud? Or do you need help to find the best deployment option for your use case? See our documentation on hybrid PKI deployments or get in touch with us. 

 

Contact us

EJBCA product components

EJBCA comes with or can be used together with the following advanced tools to enroll for and validate certificates:

EJBCA Registration Authority

The EJBCA Registration Authority (RA) is an external entity to the Certificate Authority (CA) for enrollment of any certificate type, allowing for an additional layer of security around the CA.

Read more

EJBCA Validation Authority

EJBCA Validation Authority (VA) enables online certificate verification by use of OCSP or CRLs.

Read more

Certificate Auto-enrollment

With the Certificate Auto-enrollment feature in EJBCA Enterprise, you can remove any need to use Microsoft CAs and completely leverage the full flexibility of EJBCA Enterprise and Active Directory.

Read more

Identity Authority Manager

Industrial-grade PKI Registration Authority (RA) hardware that can be used together with EJBCA to issue product certificates directly on the manufacturing floor.

Read more

EJBCA eIDAS edition

With EJBCA eIDAS edition as hardware or software appliance, you get a complete feature set to operate a full-blown eIDAS-compliant Public Key Infrastructure (PKI). 

Read more about our eIDAS solutions

Download EJBCA Hardware Appliance eIDAS product sheet

Related resources

migrating-to-microsoft-azure-with-modern-pki-ebook
Guide
EJBCA Cloud
EJBCA Enterprise
PKI migration

Migrating to Microsoft Azure with a Modern PKI

Taking the holistic approach on your migration to the cloud Security cannot be an afterthought. The one thing you can be certain of is that the need for certificates will grow as your business is digitalized. A holistic approach on cloud migration, in...
Mike_Kushner
Blog post
EJBCA Enterprise

Enlightened enrollment: The book of five certificate enrollment protocols

In this blog post, Mike Agrenius Kushner in his role of Product Architect is going to present a layman’s guide to PKI enrollment over API and five of the protocols supported today by EJBCA.    Remember, if you were there, your first day of university...
Mike_Kushner
Blog post
EJBCA Cloud
EJBCA Enterprise

EJBCA, Microsoft and open source: How Azure brought everything together

It used to be uncommon to mention open source and Microsoft in one sentence. PrimeKey’s open source history is no exception, and used to distance us from Microsoft. Read on to learn about the transformation journey of EJBCA and Microsoft during the past...

See more blogs, news and events on EJBCA Enterprise

Customer stories for EJBCA Enterprise

communication tower. cell, radio and television antennas on top

EJBCA Enterprise, Telecom

Powering 5G innovation through security, open standards and flexible integration

Read customer story
Attorneys talking

EJBCA Enterprise, Enterprise, Trust Service Provider

Bundesnotarkammer – Innovation and security in German notaries

Read customer story
DGN Customer Story, PrimeKey

EJBCA Enterprise, Enterprise, Trust Service Provider

Securing and enabling German healthcare

Read customer story
EJBCA Faroe eID

Document signing, EJBCA Enterprise, SignServer Enterprise, Timestamping, Trust Service Provider

The Faroe Islands – Creating a Future-Proof National e-ID

Read customer story
vault and businessman

Bank & Finance, EJBCA Enterprise, Trust Service Provider

Bank-Verlag – Launching an eIDAS-compliant trust center for the German banking industry

Read customer story
EJBCA Telecom

EJBCA Enterprise, PKI migration, Trust Service Provider

Swisscom – Becoming eIDAS compliant and migrating from RSA to EJBCA Enterprise

Read customer story

See all customer stories

Solutions based on EJBCA

Supply Chain Security

Ensure product integrity and security with trusted digital identities from birth

Explore Supply chain security

Securing IoT and IIoT devices

Protect data and devices when connecting your solution to untrusted networks

Explore IoT and IIoT solution

Becoming an eIDAS (Q)TSP

Enable eIDAS compliance and electronic signatures

Explore eIDAS solution

PKI migration

Consolidate or upgrade your public key infrastructure

Explore PKI migration

Enabling ePassports

Produce and verify ePassports with our dedicated PKI solution

Explore ePassport solution

More information

See the links for more information on EJBCA Enterprise.

EJBCA documentation

EJBCA Interoperability and Certifications

Issuing TLS certificates from EJBCA 

More news, blogs, etc on EJBCA 

All PKI and digital signing solutions

Contact us

Fill in your contact information below and we will get in touch with you.

This website uses cookies

Cookies consist of small text files. They contain data that is stored on your device. To enable us to place certain types of cookies we need to obtain your consent. At PrimeKey AB, corp. ID no. 556628-3064, we use the following kinds of cookies. To read more about which cookies we use and storage times, click here to access our cookies policy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that must be placed for basic functions to work on the website. Basic functions are, for example, cookies which are needed so that you can use menus on the website and navigate on the site.

Functional cookies

Functional cookies need to be placed on the website in order for it to perform as you would expect. For example, so that it recognizes which language you prefer, whether or not you are logged in, to keep the website secure, remember login details or to be able to sort products on the website according to your preferences.

Cookies for statistics

For us to measure your interactions with the website, we place cookies in order to keep statistics. These cookies anonymize personal data.

Cookies for ad-tracking

To enable us to offer better service and experience, we place cookies so that we can provide relevant advertising. Another aim of this processing is to enable us to promote products or services, provide customized offers or provide recommendations based on what you have purchased in the past.
Confirm choices Accept all