work

PKI enrollment

Fully automated PKI enrollment

We run a three-tier PKI in our data center.

Our PKI consists of an offline Root CA, two sub CAs and four intermediate CAs.
All CAs are deployed geo-redundantly and secured by HSMs.

While this is a complex scenario and not automatically applicable to every internal PKI setup, it demonstrates the possibilities of operating a PKI in a failsafe manner and how to avoid outages.

The PKI currently automatically issues user and machine certificates, S/MIME certificates and provides smart card authentication for over 120 instances for a total of several thousand employees. Even some internet isolated legacy Windows systems are served by the modern PKI which has helped shut down AD CS-based PKI.

Maintenance work is mainly related to keep operating systems and applications updated and monitoring access activities.

We’ll be happy to show you the endless opportunities a PKI can offer your organization, giving you peace of mind when it comes to the security of your digital assets.