We have turned a world-leading PKI system into a product that you can launch and get it all setup and ready for the first certificate without any hassle.
Enigma Bridge provides physical security for your private keys. The protection is provided with FIPS140-2 Level 3 certified hardware that makes your keys untouchable.
EB PKI gives you a complete control for your key management. From the number of CAs and sub-CAs to certificate profiles.
EB PKI is designed for internal public key management and you can start issuing your own certificates within 20 minutes. Fast, cost efficient, and secure PKI system for everyone.
Certificates are signed by secure hardware to ensure high-level of security while you get all the benefits of the cloud.
Enigma Bridge brings you a fully featured and simple PKI system with a certification authority and an OCSP responder supported with FIPS140-2 Level 3 hardware-protected keys. Includes an out-of-the-box HTTPS with a browser trusted certificate.
The keys used by the PKI system are only available in secure hardware. They neither leave it nor get stored on disk or memory.
The default authentication of administrators is with client-side HTTPS authentication. Your initial key in a PKCS12 / PFX package is create automatically.
Logs of PKI private keys are available for audit and inspection. Weekly summary reports are possible as well.
The key management system is powered Enigma Bridge hardware encryption platform and the EJBCA PKI application from PrimeKey (one of the best PKI app around).
Certificate Authority – an X.509 certificate authority supporting a wide range of protocols including X.509, PKIX (RFC5280), SCEP, or CMP (RFC4210 and RFC4211).
Registration Authority – a front-end for manual approvals of certificate requests.
OCSP Responder – on-line certificate validation according to RFC2560, RFC6960 and RFC5019.
Physical security of PKI keys – keys for issuing certificates are protected with secure hardware with FIPS140-2 Level 3 and Common Criteria EAL4+ or EAL5 certifications.
Domain Name with HTTPS – out-of-the-box HTTPS to your new PKI system with DNS records instantly and securely updated each time you restart the EC2 instance.
For a full of the features of EJBCA PKI application, please visit the PrimeKey website.
Make sure that the security group of your EC2 instance allows external TCP communication at ports 443 and 8443.
Use a secure connection client (SSH/Putty) to connect to your EC2 instance once it is runnning. (detailed instructions)
Please run the command "sudo ebaws", and type "init" on the prompt. (detailed instructions)
Follow any additional instructions. We request your email address to create an account at https://enigmabridge.freshdesk.com.
Install an administrator authentication key - a secure replacement of passwords. (detailed instructions)
The web interface is available via your new PKI domain name. It is shown at the end of initialization.
Our aim is to provide managed service. Part of our process is to collect data from installation to help you troubleshoot any potential problems. You can see all data in your account at https://enigmabridge.freshdesk.com.
You can add additional details once you submit a request. A new instance will be launched within one working day of the first invoice fully paid.
All prices are exclusive of VAT.
* we guarentee only up to 500,000 OCSP verifications in 24 hours (i.e., 300 / minute).