Overview
The Keyfactor Command Remote MCP Server provides an experimental interface to interact with Keyfactor Command through AI assistants like Claude using natural language. Rather than learning Keyfactor's special query syntax or navigating administrative interfaces, users can perform certificate management tasks conversationally.
Keyfactor Command is a Certificate Lifecycle Management (CLM) and Public Key Infrastructure (PKI) automation platform that manages keys and X.509 certificates throughout their lifecycle, integrates with multiple Certificate Authorities, and provides enterprise-wide certificate visibility and control.
This MCP server enables:
- Natural language queries instead of learning special query syntax
- Certificate search and discovery through conversational requests
- Certificate lifecycle operations (enrollment, renewal, revocation)
- Access to Risk Intelligence findings (separately licensed add-on) with AI interpretation
MCP is an emerging standard and security practices are evolving. Security in this context is enormously complex, and while our solution aims to actively help with some facets of cybersecurity in an Agentic AI setting, this solution does not guarantee protection from all possible Cross-Site Request Forgery, Man-in-the-Middle, Prompt Injection, and similar attacks, nor does it implement all OIDC features that may mitigate certain risks.
This MCP Server is experimental; use in production is discouraged and caution is advised when allowing AI Agents access to your enterprise PKI systems.
Highlights
- Use Natural Language User Experience for Keyfactor CLM
- Make Risk Intelligence insights more actionable than ever!
- Secured by OAuth2 Authorization Code flow with PKCE (non-OIDC)
Details
Delivery details
0.2
- Amazon ECS
- Amazon EKS
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
Initial release
Additional details
Usage instructions
On your local workstation, configure a profile for the AWS CLI to use when connecting to AWS. You can accomplish this by calling the aws configure command, which will prompt you for the necessary values, including your user's Access Key ID and Secret Access Key. For more information, see the following link: https://docs.aws.amazon.com/comprehend/latest/dg/setup-awscli.html
Before you pull a container image from AWS Marketplace, you must first sign in to the AWS Marketplace registry:
$ aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 709825985650.dkr.ecr.us-east-1.amazonaws.com
If the login is successful, pull the container image with the following command:
$ docker pull 709825985650.dkr.ecr.us-east-1.amazonaws.com/keyfactor/command-mcp-server:0.2
- Create an empty file called "mcpenv.txt". (touch mcpenv.txt)
- Run the following docker command, changing the values to match your environment:
docker run -d \
  -p 8080:8080 \
  -e KEYFACTOR_HOSTNAME='your-instance.example.com' \
  -e KEYFACTOR_URLBASE='KeyfactorAPI' \
  -e COMMAND_IDP_TOKENURL='https://your-idp.com/oauth/token' \
  -e COMMAND_IDP_AUTHORIZATION_URL='https://your-idp.com/authorize' \
  -e COMMAND_IDP_CLIENTID='your-client-id' \
  -e COMMAND_IDP_CLIENTSECRET='your-client-secret' \
  -e COMMAND_IDP_AUDIENCE='your-api-audience' \
  -e KEYFACTOR_TEMPLATE='WebServer' \
  -e KEYFACTOR_CA='CAhostname\logicalName' \
  -e CALLBACK_URL='http://localhost:8080/oauth/callback' \
  -e MCP_SERVER_PORT=8080 \
  -e COMMAND_IDP='Auth0' \
  -v "$(pwd)/mcpenv.txt:/app/mcpenv.txt" \
  709825985650.dkr.ecr.us-east-1.amazonaws.com/keyfactor/command-mcp-server:0.2
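A hardening of the run step, as an added example that is not part of the vendor's instructions: the -e values, including COMMAND_IDP_CLIENTSECRET, can be kept in a file passed with docker's --env-file option, which keeps the secret out of shell history and the process list. The function below checks such a file before the container is started; the file name mcp.env and the checks themselves are assumptions.

```shell
#!/bin/sh
# Added example: pre-flight check for an env file that replaces the -e flags.
# The file name and the checks are assumptions, not vendor requirements.

# Variable names copied from the docker run command on this page.
REQUIRED_VARS="KEYFACTOR_HOSTNAME KEYFACTOR_URLBASE COMMAND_IDP_TOKENURL
COMMAND_IDP_AUTHORIZATION_URL COMMAND_IDP_CLIENTID COMMAND_IDP_CLIENTSECRET
COMMAND_IDP_AUDIENCE KEYFACTOR_TEMPLATE KEYFACTOR_CA CALLBACK_URL
MCP_SERVER_PORT COMMAND_IDP"

problems=0
bad() { echo "$1"; problems=$((problems + 1)); }

# check_mcp_env FILE: reports each problem, returns 0 only when none are found.
check_mcp_env() {
    file=$1
    problems=0
    [ -f "$file" ] || { bad "missing file: $file"; return 1; }

    # The file holds the IdP client secret: owner-only access (GNU or BSD stat).
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    case $mode in 600|400) ;; *) bad "mode $mode is too open, chmod 600" ;; esac

    for name in $REQUIRED_VARS; do
        line=$(grep -m 1 "^${name}=" "$file" || true)
        value=${line#*=}
        [ -n "$value" ] || { bad "$name is missing or empty"; continue; }
        # docker --env-file does not strip quotes; they become part of the value.
        case $value in \'*|\"*) bad "$name: remove the surrounding quotes" ;; esac
        case $name in *URL|KEYFACTOR_HOSTNAME)
            case $value in *[[:space:]]*) bad "$name contains whitespace" ;; esac ;;
        esac
        case $name in
            CALLBACK_URL)   # plain http tolerated only for the loopback redirect
                case $value in https://*|http://localhost[:/]*) ;;
                    *) bad "$name: use https outside localhost" ;; esac ;;
            *URL)           # IdP token and authorization endpoints
                case $value in https://*) ;;
                    *) bad "$name must be an https URL" ;; esac ;;
        esac
    done
    [ "$problems" -eq 0 ]
}
```

Once check_mcp_env mcp.env returns success, the -e lines of the run command can be replaced by a single --env-file mcp.env option.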
Support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.