Certificate Authority

ISC CertAgent

2min

ISC CertAgent is a specialized Certificate Authority (CA) solution designed to handle secure key generation, certificate issuance, and management in a streamlined manner. It works seamlessly across different platforms and environments, catering to the specific needs of modern, scalable infrastructures.

Key features

This integration has the following features:

  • Cross-platform compatibility: ISC CertAgent is designed to be platform-agnostic, making it highly flexible for different deployment scenarios.
  • High availability and scalability: You can replicate CertAgent instances without creating subordinate certificate authorities by leveraging a PostgreSQL or Oracle database to which each CertAgent instance connects. Achieve High availability similarly by connecting the CertAgent instances to a database configured for high availability.
  • Use cases for CertAgent certificates: Use cases include the following:
    • You can implement a Commercial Solutions for Classified (CSfC) Capability Package by using CertAgent as a component in a CSfC deployment.
    • As an approved component in the National Security Agency Commercial Solutions for Classified program, CertAgent fully supports the generation and use of Elliptic Curve (EC) and RSA certificates, including those compliant with the NSA Commercial National Security Algorithm Suite recommendations (RSA-3072, ECC Curve P-384, and SHA-384).
  • Deploying smart cards for login: Provision smart cards with certificates to enable Microsoft Windows and Linux smart card login operation.
  • Providing strong authentication to services: Enhance the security of web browser-based applications, virtual private networks, and Wi-Fi networks.

Benefits of integration through PKCS #11

Integrating with provides the following benefits:

  • Enhanced security: Storing cryptographic keys within provides a secure vault, minimizing the risk of unauthorized access or key compromise.
  • Improved performance: HSMs, purpose-built to handle cryptographic operations efficiently, offer a performance boost in certificate issuance and validation processes.
  • Compliance readiness: Using facilitates compliance with regulatory standards that mandate strong cryptographic key management and storage mechanisms.
  • Operational resilience: provides failover and redundancy capabilities, ensuring that your CA operations are resilient against system failures.
  • Centralized key management: Integrating provides a centralized repository for cryptographic keys, which simplifies the task of key management and administration.



Updated 31 Jan 2025
Did this page help you?
PREVIOUS
Configure EJBCA
NEXT
Before you start
Docs powered by Archbee