Certificate Manager

Can I integrate Nexus Certificate Manager with Nexus PRIME?

Nexus PRIME has an out-of-the-box integration with Nexus Certificate Manager and other certificate authority (CA) softwares.

How can I deploy Nexus Certificate Manager?

Certificate Manager can be installed on-premises or bought as a managed service.

How does Nexus Certificate Manager relate to the EU eIDAS regulation?

Certificate Manager issues qualified certificates according to the EU regulation eIDAS.

The timestamping component is compliant with eIDAS time stamping requirements. Nexus’s customers use Certificate Manager in, for example, remote electronic signatures services.

Is Nexus Certificate Manager Common Criteria Evaluated?

Certificate Manager is in the process of being recertified for Evaluation Assurance Level 4+ (EAL4+) according to the international standard Common Criteria for Information Technology Security Evaluation (CC). The software was already certified for Evaluation Assurance Level 3 (EAL3) in previous versions. The certification for EAL4+ is planned to be ready the by end of 2018.

Can Nexus provide time stamping functionality?

Yes, Nexus Timestamp Server is a separate product that can be purchased as a part of the Certificate Manager platform or as a stand-alone product.

Can I integrate Nexus Certificate Manager with Nexus PRIME?

Yes, and the integration is standardized and works out-of-the-box, without the need for customizations.

The credential management system Nexus PRIME is used for more enhanced identity and credential management, for example, management workflows for lifecycle management, card production and self-service.

How does Nexus Certificate Manager issue certificates to IoT devices?

Certificate Managers supports common standards for IoT devices, including support for all major certificate enrollment protocols, such as SCEP, CMP, CMC and EST. Nexus conducts continuous interoperability testing with third-party devices, from vendors such as Ericsson, Cisco and Huawei.

Is Nexus Certificate Manager multitenant?

Yes, a single instance of Certificate Manager can run multiple certificate authorities (CAs). Each CA is managed with clean separation of individual policies, issuing and maintenance processes, and policy administrators.

What types of customers use Nexus Certificate Manager?

Government agencies, banks and financial institutions, large and medium-sized enterprises, defense industries, mobile network operators and trust service providers use Certificate Manager. They have implemented Certificate Manager because they need trusted identities for:

  • Citizens accessing e-government services.
  • Customers shopping online or applying for loans.
  • Employees accessing corporate data, applications and networks – anytime, anywhere and with any device.
  • Infrastructure resources or devices, for example Windows servers or eNodeBs in LTE networks, that need to authenticate and encrypt communication for confidentiality.
What business problems does Nexus Certificate Manager solve?

Digitalization and the sharp increase of online services and connected devices require trusted identities for people and things. Trusted identities are the foundation for all security, and they are what enables the implementation of mutual authentication, data encryption and digital signatures.

Certificate Manager issues and manages those trusted identities.

There are three main scenarios for Certificate Manager usage with respect to people: enabling trusted identities for workforce members, online customers and citizens. The trusted identities are used for everything from enabling online contract signatures, to granting secure access to digital resources.

In the IoT, all connected things need a trusted identity to be able to communicate securely with other things and people. There are different scenarios for Certificate Manager usage in IoT, a very important one being to fulfill the opportunities with Industry 4.0. For example, Certificate Manager enables secure remote software updates and proactive maintenance since the platform makes it possible to have continuous and protected communication with devices.

Another example of the strengths of Certificate Manager in IoT is its support for certificate enrolment protocols that are interoperable with LTE (4G) infrastructure components, thus enabling secure communication.

What is Nexus Certificate Manager?

Certificate Manager is a flexible certificate authority (CA) platform, with support for multitenancy and multiple use cases. It creates, issues and manages the life-cycle of eIDs for people, infrastructure and things. The product manages certificates, and private and public keys in public key infrastructures (PKI).

Key features:

  • Secure CA key management.
  • Flexible and effective workflow engine for secure implementation of certificate policies.
  • Secure registration for devices and people.
  • A broad set of deployment options for certificate issuing.
  • Integrated token and smart card lifecycle management.