Overview
EJBCA PKI for Enterprises - A powerful and flexible certificate issuance and management system to issue and enable full life-cycle control of digital certificate and Certificate (CA), Registration (RA) and Validation Authorities (VA); enabling multiple use cases and standards compliance. EJBCA now includes support for CloudHSM and AWS KMS, has introduced support for the ACME protocol and has a REST API. Please visit the EJBCA Enterprise Cloud documentation for CloudHSM and AWS KMS integration guides. This instance includes 8x5 Standard Support but is functionally identical to the Premium listing.
Version 2.0 and above now feature a web based configuration wizard so options to install directly into an RDS database or even have the ManagementCA keys be generated directly into CloudHSM can be chosen.
Please contact us for multi-node enterprise pricing at sales@keyfactor.com !
Highlights
- Multiple CAs and levels of CAs, build a complete infrastructure (or several) within one instance of EJBCA.
- Unlimited number of Root CAs and SubCAs. Request cross certificates and bridge certificates from other CAs and Bridge CAs. Issue cross certificates to other CAs.
- Support all common PKI Architectures, as well as many uncommon. Store keys in CloudHSM, AWS KMS, in a PKCS11 connected HSM, or in the database (for demo).
Details
Typical total price
$2.753/hour
Features and programs
Financing for AWS Marketplace purchases
Pricing
Free trial
Instance type | Product cost/hour | EC2 cost/hour | Total/hour |
---|---|---|---|
t2.medium | $2.08 | $0.046 | $2.126 |
t2.xlarge | $3.86 | $0.186 | $4.046 |
t2.2xlarge | $5.19 | $0.371 | $5.561 |
t3.medium | $2.08 | $0.042 | $2.122 |
t3.large Recommended | $2.67 | $0.083 | $2.753 |
t3.xlarge | $3.86 | $0.166 | $4.026 |
t3.2xlarge | $5.19 | $0.333 | $5.523 |
t3a.medium | $2.08 | $0.038 | $2.118 |
t3a.large | $2.67 | $0.075 | $2.745 |
t3a.xlarge | $3.86 | $0.15 | $4.01 |
Additional AWS infrastructure costs
Type | Cost |
---|---|
EBS General Purpose SSD (gp2) volumes | $0.10/per GB/month of provisioned storage |
Vendor refund policy
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
Using Firefox, point your web browser to the instance's IP. Accept the certificate warning. Retrieve the Superadmin certificate via the EJBCA PublicWeb portal by selecting the "Create Keystore" link. The username will be "superadmin" and the password will be the superadmin password chosen during wizard configuration. Download the superadmin.p12 and import it into FireFox via the menu under FireFox > Preferences > Privacy and Security > Certificates > View Certificates > Your Certificates > Import. The password to the p12 certificate file will be the same password used to retrieve it. Click administration in the Public Web Portal to start configuring EJBCA.
Support
Vendor support
Product Support: To register with PrimeKey, a Keyfactor Company Support, please send an email to support@primekey.com and note that you are an AWS customer. Please note that PrimeKey, a Keyfactor Company Support has no other way to identify you as a PrimeKey, a Keyfactor Company customer unless you contact us at support@primekey.com and state that you are a PrimeKey, a Keyfactor Company customer on AWS.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Customer reviews
Innovative PKI appliance
- good manufacturer documentation
- good support
- PKI hardware appliance with an integrated HSM is easy to implement and integrate in the infrastructure
- short update intervall that includes new features
- certificate and end entity search through the RA Web interface (very fast and easy to use)
Pros and cons of EJBCA
It allows users to develop additional functions or fix behavior quickly.
It's built on a Common Criteria-certified and NSA CSfC-approved PKI solution.
Implementation is easy and custome support is also good.
I have used frequently at that time this product.
Integration with other product is too easy.
Very good but needs more transparency on bug fixes and more attention to evolving CABF regulations
Also, KeyFactor seems not to follow very closely the evolution of CAB Forum Baseline Requirements, and this has led more than once to mis-issuances that could have been avoided if KeyFactor was more attentive and pro-active.