<img alt="" src="https://secure.weed6tape.com/193471.png" style="display:none;">
Discover our Cloud Console platform for an easy setup and management of your CloudHSM.

Learn more
Products & Solutions
Products & Solutions
Explore our portfolio of cutting-edge cybersecurity solutions, centered around our flagship Hardware Security Modules (HSMs). From encryption and key management to secure access and authentication, our products ensure robust protection for your most critical data and systems.
menu icon
Hardware Security Module (HSM)
HSM Overview What is an HSM? Primus HSM X Cyber Vault Primus HSM X-Series Primus HSM E-Series Primus HSM S-Series Primus HSM Blockchain Post-Quantum Cryptography
menu icon
Cloud Security
Securosys CloudHSM Cloud Console What is CloudHSM? CloudHSM Service Offerings Integrated Technologies HashiCorp Vault S365 DKE - add-in for Microsoft 365 Bring Your Own Key (BYOK) External Key Store (XKS) Proxy for AWS Fortinet Fortigate Keyfactor EJBCA/SignServer
menu icon
Additional Products and Services
Decanus Terminal Transaction Security Broker (TSB) Key Attestation Smart Key Attributes (SKA) Docker Image Security
Partners
Partners
shield-people-colourful
Partners
Partner Directory
digital-data-finance-security-transactions-2
Integrations
Integrated Technologies HashiCorp Vault Fortinet FortiGate S365 DKE - adds in for Microsoft Bring Your Own Key (BYOK) External Key Store (XKS) - Proxy for AWS Keyfactor EJBCA/SignServer
Support
Support
menu icon
Support
Online Documentation Support Portal System Status Trainings
finance-institution-colourful
What is ...?
What is an HSM? What is CloudHSM? What is BYOK? What is SIC system?
About
About
Learn more about our mission, explore career opportunities, and access our resources. Discover how we’re shaping the future of cybersecurity and how you can be part of it.
menu icon
Securosys SA
About Us Events News Career
menu icon
Resources
Online Documentation Blog Articles Stories and Paper Video Gallery
document-lock-b&w
Certifications
Security Certifications Safety & Compliance Certifications Company Certification
Contact us
  • There are no suggestions because the search field is empty.

Challenge

Modern enterprises demand scalable, robust, and easy-to-integrate PKI solutions to manage digital certificates and cryptographic operations securely. Traditional HSM integrations using PKCS#11 are often cumbersome to configure and maintain. Moreover, evolving cryptographic standards necessitate infrastructure readiness for PQC algorithms to stay secure and future-proof.

3D-circle-blocks-colourful

Solution

Securosys and Keyfactor offer a REST API-based integration that seamlessly connects Securosys Primus HSMs with Keyfactor EJBCA and SignServer. By leveraging REST API integration, Keyfactor EJBCA and SignServer can establish direct, secure connections with Securosys Primus HSMs, eliminating the need for additional middleware or PKCS#11 configurations. This integration streamlines certificate issuance, validation, and encryption processes, all while ensuring hardware-backed protection of private keys.

Enterprises benefit from real-time cryptographic operations that optimize both performance and security without added complexity. The solution also includes built-in support for NIST-selected post-quantum cryptographic algorithms – such as ML-DSA, SLH-DSA, ML-KEM, HSS-LMS, and XMSS – allowing organizations to future-proof their PKI infrastructure. As a result, businesses can smoothly transition into the post-quantum era while staying resilient against evolving security threats.

3D-circle-blocks-colourful

Key Benefits

API-circle-b&w
Simplified Setup & Maintenance
REST API integration reduces deployment complexity by eliminating PKCS#11 dependencies.
map-sphere-b&w
PQC-Ready Security
Native support for post-quantum algorithms ensures long-term cryptographic agility.
key-hand-b&w
Secure Key Management
SKA policies enforce multi-party authorization and regulatory compliance.
locket-circle-blocks-b&w
Flexible Deployment
Available on-premises or as a cloud-based service, enabling scalable deployment options.

Joint Use Case

This integration provides organizations with a forward-looking solution by supporting Post-Quantum Cryptography (PQC) algorithms, ensuring resilience against emerging threats. Businesses can utilize hybrid signatures that combine classical and post-quantum cryptographic algorithms, enabling broad compatibility across legacy and modern systems.

The solution strengthens security for critical applications such as digital signing, document authentication, and identity verification. These capabilities help organizations meet stringent compliance requirements while maintaining the highest level of trust in digital transactions. By leveraging this integration, businesses can proactively adapt their cryptographic infrastructure to evolving security challenges without disruptive systems overhauls.

Solution Components

Securosys Primus HSM and CloudHSM provide secure cryptographic key storage and management, ensuring that private keys remain protected in a tamper-resistant environment. Being compliant with FIPS 140-2 Level 3 and Common Criteria EAL4+, Securosys HSMs meet the highest security standards for enterprise environments.

Keyfactor’s EJBCA is a scalable, comprehensive certificate authority (CA) and PKI platform that handles certificate issuance, validation, and lifecycle management. SignServer ensures secure digital signing and timestamping for compliance and high-trust applications.

 

Keyfactor Solution Brief - Graphic(3)

 

Resources

EJBCA Quick Start Installation Prerequisites EJBCA Configuration