How AI, OpenAI, and ChatGPT impact business and software.
PKI-In-A-Box
1. PrimeKey PKI Appliance offers a complete feature set needed to operate a
full blown Public Key Infrastructure (PKI) out-of-the box. With the
combination of the Common Criteria certified EJBCA 5, easy to use
management functions, high-performance hardware and a FIPS 140-2
certified Hardware Security Module (HSM), PrimeKey PKI Appliance offers
the easiest and most efficient way to deploy an enterprise PKI system
without the hassles of complex installation and integration procedures.
Turn-Key PKI Solution
PrimeKey PKI Appliance brings all components needed to successful deploy and operate a
full-blown public key infrastructure. It includes a complete Certificate Management System,
with unlimited number of Certification Authorities (CAs) and/or subordinate CAs,
Registration Authority (RA) and a Validation Authority (VA). An integrated HSM brings
enterprise-grade security keeping all cryptographic keys secure.
Easy Management
Easy and effective management is the key to a secure and reliable PKI deployment. Prime-
Key PKI Appliance offers an web based interface including all functions needed for an easy
deployment and effective operation. Backup & Restore procedures can easily be triggered
automatically and usually complex upgrades are done within few minutes.
Powerful Hardware
Reliable and performant hardware is essential for the operation of critical systems like a PKI.
PrimeKey PKI Appliance is based on enterprise grade server components including ECC
protected RAM memory, redundant high-performance SSD drives and of course a
redundant power supply.
Unbeatable performance
PrimeKey PKI Appliance delivers unbeatable performance when it comes to issuing
certificates or answering OCSP requests. The powerful hardware and efficient
implementation allows to issue more than 60.000 certificates per hour satisfying highest
demands of big public key infrastructures.
OEM PKI Integration Platform
A PKI is often a back-end system used by further applications like VPN, Mail Gateways, Card
Management Systems etc. PrimeKey PKI integration platform offers an easy and efficient
way for OEM partners to integrate own applications into the PKI Appliance environment
simplifying the deployment and reducing the costs. Pre-integrated systems based on a fixed
software and hardware stack save valuable time and costs for customers, integration and
support specialists.
PrimeKey PKI Appliance
Highlights
• Turn-Key solution for medium
and big size PKI deployments,
suitable even for massive cloud
services
• Common Criteria EAL 4+ and
FIPS 140-2 Level 3 certified
components assure quality as
well as regulations conformance
• Enterprise grade, high-
performance hardware with
Long Term Availability
• Scale-up and Scale-out options
• Enterprise grade Pre- and After-
Sales Services and Support, with
our PKI- and HSM- specialists
• Simply put, PrimeKey is your
one-stop-shop for mission critical
PKI technology and services
www.securemetric.com
2. Technology Stack
PrimeKey PKI Integration Platform comes with an
modularized and flexible software stack. Based on
Security Foundation Platform (SFP) as a specialized
Linux OS, all application software components are
operated as virtual machines bringing the maximum
flexibility to the system, simplifying procedures like
updates or backups, and making your PrimeKey
Appliances re-usable.
Centrally controlled by an Virtual Gateway (VGW),
separation of virtual networks maximizes the security
by tight control of the data flow between the involved
software components. Whether Windows or Linux
based applications, with the flexible and efficient
virtualization layer, all Third-Party systems can be easily
integrated and managed.
An HSM abstraction layer (VHSM) hides the complexity
of the underlaying technology simplifying the
integration of software components that require
access to the secure hardware.
Making the picture complete, a powerful
administration interface allows upload and
management of virtual components and internal
configuration.
About PrimeKey
World leading open source PKI (Public Key Infrastructure) company, founder and commercial force behind SignServer
and EJBCA - the most downloaded open source PKI project.
PrimeKey’s enterprise class integration, dedication to open standards, training and support services, help customers
achieve their organizational goals.
What is in the box?
Hardware
• Field replaceable, redundant high-performance SSDs
• Field replaceable redundant Power Supply
• Intel Xeon Server CPU
• Dual Ethernet Interface
• Utimaco CryptoServer SE, FIPS 140-2 Level 3 certified
Software
• PKI Certificate Management System - EJBCA 5.0.4
Common Criteria EAL 4+
• PKI Validation Authority - EJBCA 5.0.4 Common Crite-
ria EAL 4+
For full feature set please see product information on
EJBCA PKI and EJBCA Validation Authority.
What is outside of the box?
PrimeAssure Services
• Full range of services, including design, deployment,
training, Best Practices, audit preparations, Support &
Maintenance
VHSM
EJBCA PKI /
EJBCAValidationAuthority /
SignServer
Third partyApplication & OS VGW
Virtual Switch
SFP
Security Foundation Platform
Hardware
Enterprise Grade Server Hardware
HSM
Utimaco CryptoServer Se FIPS Level 3
Virtualization
Virtual Network
SecureMetric Technology Sdn. Bhd.
2-2, Incubator 2, Technology Park Malaysia, Lebuhraya Sg Besi - Puchong, Bukit Jalil,
57000 Kuala Lumpur, Malaysia.
Tel: +603 8996 8225 Fax: +603 8996 7225