Introducing the 2024 PKI & Digital Trust Report     | Download the Report

What’s New in Keyfactor Command 10

Tech Updates

Keyfactor Command 10 Introduces New Workflow Builder and Native EJBCA Integration

What's new in this release?

Today we introduced Keyfactor Command 10

Organizations often see public key infrastructure (PKI) and Certificate Lifecycle Management as two separate problems. Issuing, renewing, and revoking certificates is usually handled by one party while managing certificates is done by another. When a PKI infrastructure is deployed, maintained, and operated separately from the management of certificates it generates – it creates silos within the organization, leading to invisibility and inefficiencies.  

As well as the operational setbacks and potential security risks of a disjointed PKI & Certificate Lifecycle Automation approach, manual workflow processes are proving to be increasingly troublesome as certificate usage increases. Certificate issuance and revocation have become a back-and-forth between security teams and end users – reducing operational agility. 

Today, we are pleased to announce the general availability of Keyfactor Command 10, bringing more flexibility and an improved user experience to the Keyfactor Command platform.  

Here we’ll take a look at the following key features and improvements: 

  • Integrate natively with EJBCA – Keyfactor Command now plugs directly into EJBCA, creating one integrated solution for issuing and managing certificates. 
  • Operate with agility – Automation makes creating and following processes for enrollment and revocation simpler to configure with a new visual layout.
  • Provide more governance – The addition of the ability to define enrollment values and policies on a template-by-template basis ensures certificates are enrolled efficiently, allowing security teams to enforce governance more easily

Watch the 2-minute video for a quick overview of the new features in Keyfactor Command 10. 

Native EJBCA integration

Keyfactor Command Natively integrates with EJBCA, a highly scalable and flexible PKI platform. The integration is even easier and faster to deploy with a native connection between the two solutions. This makes it easy to issue and manage the lifecycle of certificates from one integrated solution.

New workflow builder

With Keyfactor Command’s new workflow builder, certificate management tasks like revocation, renewal, and enrollment are easier than ever. The visual workflow builder allows administrators to define standardized approval steps and workflows for common certificate management tasks, creating a repeatable and scalable process.


Template-level settings and policy enforcement

Templates can now be configured with default enrollment data, ensuring that certificates are issued in a manner that adheres to governance policies. This will prevent certificate requests from having to be denied or revoked when they aren’t in compliance, and reduce enrollment errors that create unnecessary back and forth between administrators and certificate users.


Two sides of the same coin

With today’s update, Keyfactor Command 10 can now plug EJBCA directly into an organization’s certificate lifecycle automation platform – streamlining your operation and optimizing resources. Oftentimes, when we speak to organizations, they don’t just have a PKI problem or a certificate management problem. From setting up, maintaining, and operating PKI infrastructure to managing the certificates issued from internal and third-party CAs, the challenges of certificate issuance and management are two sides of the same coin.

  • Scale Cohesively: It is now easier than ever to deploy a modern Certificate Authority within your CLM platform.
  • Work Efficiently: Workflows in Keyfactor Command allow for automation and governance of certificate enrollment and revocation.
  • Manage Smarter: Expanded template functionality to allow customization of enrollment data and policies on a template level.

Ready to learn more?

Learn more about Keyfactor Command 10 here.