Overview
Open-source PKI and Certificate Authority
EJBCA is an open-source PKI and Certificate Authority solution that covers all your certificate management, registration, enrollment, and validation needs. With a modular architecture for the Certificate Authority (CA), Registration Authority (RA), and Validation Authority (OCSP and CRL functionality), one installation can support multiple secure and independent PKIs simultaneously.
EJBCA supports many enrollment protocols, integration interfaces, certificate profiles, and cryptographic algorithms, making it an ideal choice for securing industrial environments, IoT devices, national eIDs, DevOps workflows, and internal PKIs. The EJBCA Community edition is an open-source project sponsored by Keyfactor and licensed under LGPL v2.1. In addition to the EJBCA AWS container package, EJBCA Community edition is also available for download from Docker Hub and GitHub.
If you require an SLA, additional deployment options, or more advanced PKI features, EJBCA Enterprise is for you. The Enterprise edition is available as a free 30-day trial in AWS and Azure.
As one of the longest-running open-source CA projects, EJBCA PKI offers time-proven robustness and reliability for businesses, organizations, and products worldwide.
Highlights
- Get started quickly with our container, video tutorials, and documentation online. AWS Specific: https://doc.primekey.com/x/7bmKAw General: https://doc.primekey.com/ejbca/tutorials-and-guides
- EJBCA allows you to meet any use case - the PKI platform supports a variety of enrolment protocols, integration interfaces, certificate profiles, and cryptographic algorithms. https://doc.primekey.com/ejbca/ejbca-introduction/interoperability-and-certifications
- Grow with your needs and convert to EJBCA Enterprise when your PKI service requires additional features, SLAs, or an alternative deployment option such as hardware or software appliance, cloud, SaaS, or a combination. Get started with a free 30-day trial of EJBCA Enterprise Cloud. https://aws.amazon.com/marketplace/pp/prodview-u2xdo5mkuilke?sr=0-1&ref_=beagle&applicationId=AWSMPContessa
Details
Features and programs
Financing for AWS Marketplace purchases
Pricing
Vendor refund policy
This is a placeholder value. Please update this value via the AWS Marketplace Management Portal.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
8.3.1
- Amazon ECS
- Amazon EKS
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
Additional details
Usage instructions
On your local workstation, configure a profile for the AWS CLI to use when connecting to AWS. You can accomplish this by calling the aws configure command, which will prompt you for the necessary values, including your user's Access Key ID and Secret Access Key. For more information see the following link: https://docs.aws.amazon.com/comprehend/latest/dg/setup-awscli.html
Before you pull a container image from AWS Marketplace, you must first sign into the registry of AWS Marketplace. $ aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 709825985650.dkr.ecr.us-east-1.amazonaws.com
If the login is successful, pull the container image with the following command: $ docker pull 709825985650.dkr.ecr.us-east-1.amazonaws.com/keyfactor/ejbca-ce:8.3.1
For easy startup: $ docker run 709825985650.dkr.ecr.us-east-1.amazonaws.com/keyfactor/ejbca-ce:8.3.1
For more parameters such as exposing ports to the localhost and setting up TLS for EJBCA, use something like the following $ docker run -it --rm -p 80:8080 -p 443:8443 -h localhost -e TLS_SETUP_ENABLED="true" 709825985650.dkr.ecr.us-east-1.amazonaws.com/keyfactor/ejbca-ce:8.3.1
Resources
Support
Vendor support
EJBCA Community edition is a Keyfactor-sponsored open-source project that is licensed under LGPL v2.1. Feel free to join our GitHub Discussion to share your ideas and ask questions about EJBCA PKI. If you encounter issues or have suggestions for new features and improvements, please submit them through GitHub Issues. For vulnerability reports concerning EJBCA, please send an email to security@primekey.com .
If you require additional support and SLAs, please contact Keyfactor to learn more about EJBCA Enterprise.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.