EJBCA Enterprise Cloud - Validation Authority (VA)

PrimeKey, Inc.

EJBCA Enterprise Cloud - Validation Authority (VA)

PrimeKey, Inc.

EJBCA PKI for Enterprises: a powerful and flexible certificate revocation handling and validation.

30 day free* trial – Click GET IT NOW

Online certificate validation is efficiently achieved through the use of the EJBCA Validation Authority — PrimeKey’s high performance, scalable Validation Authority server, based upon the OCSP standard. Unlike some other responders, EJBCA Validation Authority is capable of providing real time certificate validation. In addition, EJBCA Validation Authority also supports the usage of CRLs.

You don’t have to wait for issuance of CRLs when working with a true online certificate validation system like the EJBCA Validation Authority using OCSP. Using a relational database as back-end storage, EJBCA Validation Authority can immediately update certificates information upon certificates revocation.  One can even issue millions of inactive certificates that can later on be activated – something virtually impossible using traditional methods.

Leverage our how-to guides for easy installation and configuration. Be up and running in less than an hour.

Key Benefits:

  • Implements RFC 2560, RFC 6960 and RFC 5019
  • Independent of CA software used
  • One responder can respond for any number of CAs
  • Status information stored in SQL database
  • Not depending on CRLs. Status information can be updated in real-time
  • Plug-in mechanism for custom OCSP extensions
  • Suitable for invoicing
  • Supports PKCS#11 HSMs
  • Built in health check used by load balancers and for monitoring
  • Configurable for requiring signed requests, authorized signers, etc.
  • Linear scalability for performance and high availability by adding multiple nodes
  • High performance, >500 request per second can be achieved on a single server

Main EJBCA Highlights:

  • Multiple CAs and levels of CAs, build a complete PKI (or several) within one instance of EJBCA.
  • Native support for Azure Key Vault for CA private key storage.
  • Unlimited number of Root CAs and SubCAs.
  • EJBCA supports SCEP, CMP, EST, ACME, OCSP, REST APIs and others.
  • Multiple instances of EJBCA can be used for a distributed deployment. Horizontally at the CA layer, or for external RA and VA support.

This software comes with two available SKUs. One SKU includes 8x5 Standard Support, but is functionally identical to the 24x7 Premium Support listing.

If you would like to run several instances and would like enterprise pricing, please email We are also available for professional services engagements if you need configuration assistance.

*Price is added to Azure instance computecharges.