PrimeKey PKI Appliance offers a complete feature set needed to operate a
full blown Public Key Infrastructure (PKI) out-of-the box. With the
combination of the Common Criteria certiﬁed EJBCA 5, easy to use
management functions, high-performance hardware and a FIPS 140-2
certiﬁed Hardware Security Module (HSM), PrimeKey PKI Appliance offers
the easiest and most efficient way to deploy an enterprise PKI system
without the hassles of complex installation and integration procedures.
Turn-Key PKI Solution
PrimeKey PKI Appliance brings all components needed to successful deploy and operate a
full-blown public key infrastructure. It includes a complete Certiﬁcate Management System,
with unlimited number of Certiﬁcation Authorities (CAs) and/or subordinate CAs,
Registration Authority (RA) and a Validation Authority (VA). An integrated HSM brings
enterprise-grade security keeping all cryptographic keys secure.
Easy and effective management is the key to a secure and reliable PKI deployment. Prime-
Key PKI Appliance offers an web based interface including all functions needed for an easy
deployment and effective operation. Backup & Restore procedures can easily be triggered
automatically and usually complex upgrades are done within few minutes.
Reliable and performant hardware is essential for the operation of critical systems like a PKI.
PrimeKey PKI Appliance is based on enterprise grade server components including ECC
protected RAM memory, redundant high-performance SSD drives and of course a
redundant power supply.
PrimeKey PKI Appliance delivers unbeatable performance when it comes to issuing
certiﬁcates or answering OCSP requests. The powerful hardware and efficient
implementation allows to issue more than 60.000 certiﬁcates per hour satisfying highest
demands of big public key infrastructures.
OEM PKI Integration Platform
A PKI is often a back-end system used by further applications like VPN, Mail Gateways, Card
Management Systems etc. PrimeKey PKI integration platform offers an easy and efficient
way for OEM partners to integrate own applications into the PKI Appliance environment
simplifying the deployment and reducing the costs. Pre-integrated systems based on a ﬁxed
software and hardware stack save valuable time and costs for customers, integration and
PrimeKey PKI Appliance
• Turn-Key solution for medium
and big size PKI deployments,
suitable even for massive cloud
• Common Criteria EAL 4+ and
FIPS 140-2 Level 3 certiﬁed
components assure quality as
well as regulations conformance
• Enterprise grade, high-
performance hardware with
Long Term Availability
• Scale-up and Scale-out options
• Enterprise grade Pre- and After-
Sales Services and Support, with
our PKI- and HSM- specialists
• Simply put, PrimeKey is your
one-stop-shop for mission critical
PKI technology and services
PrimeKey PKI Integration Platform comes with an
modularized and ﬂexible software stack. Based on
Security Foundation Platform (SFP) as a specialized
Linux OS, all application software components are
operated as virtual machines bringing the maximum
ﬂexibility to the system, simplifying procedures like
updates or backups, and making your PrimeKey
Centrally controlled by an Virtual Gateway (VGW),
separation of virtual networks maximizes the security
by tight control of the data ﬂow between the involved
software components. Whether Windows or Linux
based applications, with the ﬂexible and efficient
virtualization layer, all Third-Party systems can be easily
integrated and managed.
An HSM abstraction layer (VHSM) hides the complexity
of the underlaying technology simplifying the
integration of software components that require
access to the secure hardware.
Making the picture complete, a powerful
administration interface allows upload and
management of virtual components and internal
World leading open source PKI (Public Key Infrastructure) company, founder and commercial force behind SignServer
and EJBCA - the most downloaded open source PKI project.
PrimeKey’s enterprise class integration, dedication to open standards, training and support services, help customers
achieve their organizational goals.
What is in the box?
• Field replaceable, redundant high-performance SSDs
• Field replaceable redundant Power Supply
• Intel Xeon Server CPU
• Dual Ethernet Interface
• Utimaco CryptoServer SE, FIPS 140-2 Level 3 certiﬁed
• PKI Certiﬁcate Management System - EJBCA 5.0.4
Common Criteria EAL 4+
• PKI Validation Authority - EJBCA 5.0.4 Common Crite-
ria EAL 4+
For full feature set please see product information on
EJBCA PKI and EJBCA Validation Authority.
What is outside of the box?
• Full range of services, including design, deployment,
training, Best Practices, audit preparations, Support &
EJBCA PKI /
Third partyApplication & OS VGW
Security Foundation Platform
Enterprise Grade Server Hardware
Utimaco CryptoServer Se FIPS Level 3
SecureMetric Technology Sdn. Bhd.
2-2, Incubator 2, Technology Park Malaysia, Lebuhraya Sg Besi - Puchong, Bukit Jalil,
57000 Kuala Lumpur, Malaysia.
Tel: +603 8996 8225 Fax: +603 8996 7225