Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 834
  • Last Modified:

PKI Certificate Authority (CA) appliance

Looking to deploy a CA application and need some recommendations / link to documentation (preferrably an appliance).  Ideally, the application would be easy to administrate and troubleshoot.  Trying to stay with a unix OS, but willing to entertain other OS'.

Thanks in advance,
0
Pereda
Asked:
Pereda
1 Solution
 
btanExec ConsultantCommented:
Come to mind is openCA (https://pki.openca.org/), that is a full fledge PKI suite, which includes an OCSP server to immediately revoke certificates. It also has a PKI Resource Protocol server. OR using the software libraries such as openssl (http://novosial.org/openssl/).

But above are software and not always running in harden box most of the time, you likely to look at dedicated appliance that passed CC EAL 4 above and with crypto chip certified FIPS140-2 (or mostly known as Hardware Security Module (HSM) - an harden h/w storing crypto keys).

On the PKI environment, the HSMs may be used by certification authorities (CAs) and registration authorities (RAs) to generate, store, and handle key pairs. Also in the PKI environment, the device performance is much less important in both online and offline operations as Registration Authority procedures represent the performance bottleneck of the Infrastructure.

May want to explore http://www.securemetric.com/PKI-in-a-Box.php or http://pkiappliance.strongauth.com/
Other - http://www.primekey.se/Products/EJBCA+PKI/PKI+Appliance/
0
 
PeredaAuthor Commented:
Thank you. The comment gave a direction in which to focus. I think both were strong possibilities, though I chose to go with the the more cost effective solution of MS AD with an additional role of CA.
0

Featured Post

Get quick recovery of individual SharePoint items

Free tool – Veeam Explorer for Microsoft SharePoint, enables fast, easy restores of SharePoint sites, documents, libraries and lists — all with no agents to manage and no additional licenses to buy.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now