<img alt="" src="https://secure.weed6tape.com/193471.png" style="display:none;">
Public Key Infrastructure (PKI)

CloudHSM for EJBCA® Enterprise by Keyfactor

Managed hardware security module (HSM) for EJBCA® Entreprise

This service leverages CloudHSM Economy to store and manage your cryptographic keys for EJBCA® Enterprise, ensuring a hardware-based root of trust for cryptographic operations. You can confidently manage the signing keys used for issuing and verifying digital certificates, ensuring the integrity and security of your PKI deployment.

 

How it works

EJBCA generates 4096-bit RSA keys on your HSMs. The CA communicates with your HSMs using the PKCS#11 provider for Certificate and CRL signing.

Benefits and features

Regional Access, Load-balancing, and Redundancy Failover

These features ensure high availability and reliability of cryptographic services by leveraging geo-redundant high availability (HA) clusters. Customers benefit from reduced latency, efficient load distribution, and automatic failover in case of infrastructure failures or disruptions, enhancing the overall resilience and performance of the system.

Multi-tenancy and Built-in Storage

Multi-tenancy support allows organizations to securely isolate different instances and applications within the same environment, ensuring data privacy and regulatory compliance. The large built-in storage capacity enables organizations to store a vast amount of cryptographic keys and certificates, accommodating future growth and scalability requirements without compromising performance or security.

Risk Minimization and Operational Stability

By taking Root CA partitions offline and requiring additional Security Officer intervention for key deletion, organizations can minimize the risk of unauthorized access, data breaches, and operational failures. This approach enhances the security posture of the system by implementing strict access controls and separation of duties, reducing the likelihood of security incidents or compliance violations.

CA Key Ceremonies and Audit Automation

The integration with Securosys Key Attestation and Audit features streamlines CA key ceremonies and automates audit procedures, enhancing operational efficiency and compliance with regulatory requirements. By leveraging a chain of trust originating from a Securosys root certificate, organizations can ensure the integrity and authenticity of cryptographic keys and audit logs, providing verifiable evidence of compliance and adherence to security best practices.

Getting started

Select a region for your HSM.

Europe (Germany/Switzerland)
clock_hex1b8d4c 1h

de01-api.cloudshsm.com

ch02-api.cloudshsm.com

North America (USA)
clock_hex1b8d4c 1h

us01-api.cloudshsm.com

us02-api.cloudshsm.com

Asia Pacific (Singapore)
clock_hex1b8d4c 1h

sg01-api.cloudshsm.com

Switzerland

clock_hex1b8d4c 1h

ch01-api.cloudshsm.com

ch02-api.cloudshsm.com

Global
clock_hex1b8d4c 1h

de01-api.cloudshsm.com

us01-api.cloudshsm.com

us02-api.cloudshsm.com

sg01-api.cloudshsm.com

Switzerland (Sandbox)

clock_hex1b8d4c 1h

ch01-api.cloudshsm.com

ch02-api.cloudshsm.com

Free trial

90 days
Proceed to the checkout to generate a pricing offer and adjust the VAT.

Pricing

You pay a monthly fee for each HSM in your account. Rates vary by Region. You can view these at

CloudHSM Pricing

The EJBCA® license fee is not included.

More resources