Modernize Your PKI → Optimize Productivity → Reduce Risks    |Here’s how to replace Microsoft PKI with EJBCA

Publish Certificates to External Systems Securely and Conveniently

Developer Community

Do you need to make issued certificates and certificate status available to systems external to your certificate authority (CA)? Read on to learn how to. 

Being security aware, you of course want to limit access to the CA through appropriate network and IT security design. This means you want to limit incoming traffic to your CA.

Using the Cert Safe HTTPS Publisher in EJBCA, you can make certificates and certificate status available to external systems through REST calls that are automatically triggered from EJBCA on any certificate lifecycle event.

The receiving system needs to implement the Cert Safe REST API. Once configured in EJBCA, the system will receive REST calls with the PEM-encoded certificate and status keeping it up to date about any issued or revoked certificates. For revoked certificates, the integrated system will also get informed about the revocation reason.

The connection between EJBCA and the external system is initiated by EJBCA and protected through a mutual TLS connection. The secure publishing of certificate information to the external system will be consistently triggered regardless of whether the certificate issuance or revocation is triggered through the UI, API, or an enrollment protocol.

Since version 7.10, Cert Safe HTTPS Publisher is available in EJBCA Community. Read more in the release notes.

Get Started with Cert Safe Publisher

Do you want to try Cert Safe HTTPS Publisher with EJBCA? Here is how to get started:

  1. Download and install EJBCA Community, see Download EJBCA.
  2. Configure Cert Safe Publisher. See Cert Safe Publisher for an HTTPS Server.