Key Management

Build Your PKI With Hardware Secured Keys
In 18 Minutes

Soon listed in Amazon Marketplace. Be the first to know!

Create Your PKI in 18 Minutes

Start using your own PKI, setup for you by Enigma Bridge. Enigma Bridge brings you a fully featured and simple PKI system with a certification authority and an OCSP responder supported with FIPS140-2 Level 3 hardware-protected keys. It also includes an out-of-the-box HTTPS with a browser trusted certificate.


We have turned a world-leading PKI system into a product that you can launch with Amazon's 1-click promise and get it all setup and ready for the first certificate automatically.

Secure and Trusted

Enigma Bridge provides physical security for your private keys. The protection is provided with FIPS140-2 Level 3 certified hardware that makes your keys untouchable.

Complete Control

We pre-configure the PKI with one root CA with its keys protected with FIPS140-2 Level 3 hardware. The instance allows you to create additional root CAs and sub-CAs. You also get a complete control over certificate profiles.

Enigma Bridge Key Management Features

The key management system is powered Enigma Bridge hardware encryption platform and the EJBCA PKI application from PrimeKey (one of the best KPI app around).

  • Certificate Authority – an X.509 certificate authority supporting a wide range of protocols including X.509, PKIX (RFC5280), SCEP, or CMP (RFC4210 and RFC4211).

  • Registration Authority – a front-end for manual approvals of certificate requests.

  • OCSP Responder – on-line certificate validation according to RFC2560, RFC6960 and RFC5019.

  • Physical security of PKI keys – keys for issuing certificates are protected with secure hardware with FIPS140-2 Level 3 and Common Criteria EAL4+ or EAL5 certifications.

  • Domain Name with HTTPS – out-of-the-box HTTPS to your new PKI system with DNS records instantly and securely updated each time you restart the EC2 instance.

For a full of the features of EJBCA PKI application, please visit PrimeKey website.

PKI Key Security

The keys used by the PKI system are only available in secure hardware. They neither leave it nor get stored on disk or memory.

Access Security

The default authentication of administrators is with client-side HTTPS authentication. Your initial key in a PKCS12 / PFX package is create automatically.

Operation Audit

Logs of PKI private keys are available for audit and inspection. Weekly summary reports are possible as well.