Certificate Hub
Say goodbye to interface mismatches and device compatibility issues
Unmatched flexibility and reliability in digital certificate provisioning for your organization
Traditionally, Certificate Authorities (CAs) offer limited interfaces, leading to potential mismatches between the capabilities of devices and the provided interfaces.
This can result in significant operational challenges and even failures in certificate acquisition for certain devices.
ID Security Enrollment Hub platform offers a comprehensive suite of front-end options, meticulously designed to cater to a diverse spectrum of devices and protocols. By shielding clients from the complexities of individual CAs, our product ensures smooth certificate delivery to devices that would otherwise face insurmountable challenges.
From client devices' perspective, Enrollment Hub front-ends behaves the same way a CA would and hence clients remain unaware that they are not interfacing directly with a CA.
Enhanced Security and Scalability
Isolation of the CA in the production network provides better protection against threats. Complete separation of tenants. Clustering capable. Platform-independent, auditied and hardened software stack.
Flexible policy setup
Distribution of certificates from any CA solution or an external Trust Center CA. Usage of standard or customized certificate templates. Licensing is independent of certificate volume (flat-rate model).
Seamless Integration and Automation
Native implementation of relevant protocols allows the use of standard tools on clients, eliminating the need for custom software. Seamless integration with industry-standard tools such as Active Directory Group Policies. Possibility for a high degree of automation, providing minimized PKI cost factor.
Comprehensive Certificate Management
Full-scale certificate management solution with powerful workflow capabilities. Auditing and notification of certificate lifecycle events.
Große Unternehmen vertrauen ID Security
Discover Enrollment Hub Platform's diverse frontends, each designed to cater to specific technical requirements:
SCEP & NDES Frontend
Leverage the widespread availability of Simple Certificate Enrollment Protocol (SCEP) alongside Microsoft's SCEP extension, NDES. Achieve seamless certificate provisioning, even in non-Microsoft environments, with adaptable deployment options on Linux and Windows servers.
Microsoft AD/CS (MSCS CEP & CES) Frontend
Offers SOAP-based Microsoft Active Directory Certificate Services specifications through CEP (Certificate Enrollment Policy Service) and CES (Certificate Enrollment Service). Enjoy autonomous deployment or combined functionality for comprehensive auto-enrollment support, independent of a Domain Controller, on Linux and Windows servers.When combined, the two services can provide full auto-enrollment support for Microsoft environments without need for a Domain Controller.
Microsoft DCOM Frontend
Leverage Distributed Component Object Model (DCOM) technology for remote certificate management exclusively on Windows servers.The Enrollment Hub DCOM frontend represents a selective implementation of the Microsoft specified set of COM interfaces to request certificates and query status information of certificates remotely.
EST Frontend
EST (Enrollment over Secure Transport) relies on SSL/TLS authentication for authorizing client certificate issuance, meaning full client certificate access with no setup required if the system already has a TLS stack. When not, it also supports Basic and Digest authentication for the bootstrapping process.
ACME Frontend
ACME (Automatic Certificate Management Environment) is a protocol designed to issue certificates with claims of web resource ownership (such as DNS and IP) by automatically validating the claims with little human interaction. Tradionally used by hosts reachable by the validating ACME server to request their own server TLS certificates.
LCEP Frontend
LCEP stands for Lightweight Certificate Enrollment Protocol and is an intelliCard-proprietary ASN.1-based protocol for automated certificate issuance for apps on mobile devices. It is closely related to the intelliCard MKS library (Mobile KeyStore) for Android and iOS.
The LCEP Frontend provides the entry point for mobile device apps using that library. Optimize certificate issuance for mobile apps using our Lightweight Certificate Enrollment Protocol (LCEP) and seamlessly integrate with Android and iOS platforms while maintaining compatibility across Linux and Windows servers.
Amanda Pisani
Chief Security Operations, Moloco
Want to know more about our way of working?
We are delighted to hear more about your situation and offer the best possible solution after consulting with our experts. So get in touch with us today.