What is a corporate PKI?

A corporate public-key infrastructure can issue and manage trusted identities for people, devices and services, forming the basis of information security in an organization. 

Smart ID provides a reliable foundation, including roles, policies and procedures, for issuing and managing trusted, certificate-based identities.


Strong authentication

Certificate-based authentication ensures that only authorized users, devices or servers can connect to a network or application. Revocation of certificates instantly blocks access in case of compromise or emergency.

Encryption and Privacy

Certificates enable encrypted communication between devices and services for secure transmission of data over TLS.


Digitally signed messages based on certificates can be used to prove the origin of data, and to detect manipulation of data. Signed firmware enables secure software updates.



How the Nexus corporate pki works

How does Corporate PKI work?

Smart ID corporate PKI is a flexible and scalable solution that can be used by any organization to issue, manage and validate certificate-based digital identities for mixed endpoint environments that include people, infrastructure and things.

You can expect the following key features:

  • Offers a complete public-key infrastructure (PKI) platform as the basis for trusted identities.
  • Can automate and manage certificates to persons, hardware devices such as servers and routers, and for DevOps processes.
  • Enables high security processes by built-in certificate authority policies and enforced four-eye principle for configuration changes.
  • Allows certificate storage on various bearers through support for multiple certificate enrollment protocols.
  • Connects to hardware security modules (HSM) for secure issuing and storage of CA keys.
  • Synchronizes identity data with a connected directory service.
  • Can be combined with publicly trusted certificates (over SCEP or ACME) for example for secure email and public facing web servers.
  • Supports key archiving and recovery.

Read more on Docs



Evaluating platforms for your Corporate PKI?

Have a look at our comparison guide of Nexus Smart ID Certificate Manager vs Microsoft Active Directory Certificate Services


Combine with other solutions

Add the following Smart ID modules for a complete solution to cover your needs: 



PKI as a Service

Select how you buy and deploy your PKI. With Nexus GO PKI, your organization is enabled to issue and manage PKI certificates in the cloud. Quickly design and deploy a highly secure and compliant PKI platform to automate and manage the lifecycle of trusted identities.

Learn more about Nexus GO PKI

pki as a service

Why Nexus

The main advantages of the Nexus solution are:

Proven security

Based on standard products that are proven in business-critical environments and made in Sweden. 


Offers the highest level of compliance through a common criteria (EAL4+) certified platform and the possibility to store CA keys in a wide range of hardware security modules (HSM).  

Locally or as a service

Can be deployed in your corporate trust center or provided as a service from Nexus or one of our partners, and can run in multi-tenant environment.