Why your organization should migrate to Nexus' certificate authority (CA)

At Nexus, we often meet organizations that outgrow their current certificate authority (CA) software, due to operational needs such as lack of multi-tenancy, scalability, or not meeting compliance and regulatory requirements. However, making the transition to a new CA platform can be a daunting task as there needs to be the assurance that there is a seamless PKI migration without any downtime for users or servers. The Nexus Smart ID Certificate Manager ensures a smooth migration and is well-suited for those who want to switch from CAs such as Microsoft’s ADCS or consolidate their different CA systems.

Smart ID Certificate Manager is a flexible, scalable and high-security certificate authority (CA) platform for hosting one or more public key infrastructure (PKI) setups. The Nexus solution supports a wide range of certificate enrollment protocols, which enables organizations to issue, manage, and validate certificate-based electronic identities (eIDs) for people, infrastructure, and things. The software can be used for customized operations on-premises or in a hosted environment.

With Nexus’ long experience of PKI and history of migrating from many CA technologies, you can rest assured that you get the support you need during a migration.

Supporting digitalization and future use cases

Through the explosion of mobile services and IoT, an increasing number of organizations need digital certificate issuance services. PKI is a preferred deployment method for providing people, software and things with an eID as well as the ability to manage and validate these identities throughout their entire lifecycle. To support the growing dependency and business criticality, organizations need to select PKIs with a strong root of trust. Securing the process of issuing and managing certificates enables organizations to establish a great foundation for digital security.

Ensuring your CA can scale and grow along with your organization is important. This means your CA should include a high-volume threshold to keep up with your future needs. Smart ID Certificate Manager issues eIDs for millions of users and things and is trusted by numerous banks, enterprises, mobile network operators, defense organizations, and device manufacturers all over the world.

Whether used by a small organization or larger enterprise, CAs should be able to automate the full lifecycle management for certificates, to prevent certificate expiry and avoid risking service interruptions. Manually tracking and renewing certificates costs time and money and often creates mistakes that could have been easily avoided. The Nexus solutions offer ready-to-use workflows, automation and self-service features to make lifecycle management easy and smooth. The REST API and ACME protocol options enable the DevOps use cases with automated deployment and scaling at a high load, for virtualization with Docker, Kubernetes, or other deployment scenarios.

High security and compliance standards

Compliance standards are also continuing to rise and companies in industries with substantial regulatory requirements, including financial services and healthcare, are becoming more likely to choose internal CA as their primary PKI deployment method. Many organizations need a certificate authority that can support protocols such as EST, SCEP, REST, ACME, or web services. It’s necessary for your CA software to be able to keep up with changing requirements and protocols without causing additional work or updates. With Nexus Windows Enrollment Proxy (WinEP) and the new support for Intune, Nexus’ platform has the same basic functionality as ADCS but with extended security and flexibility.

Common Criteria for Information Technology Security Evaluation (CC) certification is required by organizations and governments to protect their business-critical infrastructures. CC is the widest available mutual recognition of secure IT products. The Common Criteria certification provides a guarantee for quality, reliability and security and is often required due to increased demand on information security driven by national or international regulations. Smart ID Certificate Manager is Common Criteria EAL4+ certified.

Smart ID Certificate Manager Features

There is a range of benefits to migrating to Smart ID Certificate Manager. Key features include:

  • Certified security - Evaluated according to Common Criteria EAL4+.
  • Secure operation – All steps are protected by PKI, and security is enforced using officer certificates and the four-eye principle for critical configuration changes.
  • Device flexibility – Suitable for many device types, by support for many open standards and protocols, such as CMP, EST, ACME, SCEP and REST API.
  • Performance and scalability – Certificate Manager can scale with complex environments and issue thousands of certificates per second.
  • Offered as a service – With the CM SDK proxy, the Certificate Manager can be offered as a service for use with all protocols.
  • Multitenancy – One CA can issue certificates to separate tenants, for example to multiple Windows domains.



More information

Learn more about the Nexus Smart ID Corporate PKI, a flexible and scalable solution that can be used by any organization to issue, manage and validate certificate-based digital identities for mixed endpoint environments that include people, infrastructure and things.

The Corporate PKI module can be used stand-alone or as an add-on to Digital ID to replace Microsoft ADCS or any other CA or PKI platform.

Want to get started? Contact us!




Read the latest news

Customer Cases Online service Workforce

ScandStick väljer Nexus för effektiv korthantering

10 oktober, 2023
Scandstick har valt Nexus som leverantör för sin korthantering. Nexus GO Cards minskar administrationen för företaget och blir på så vis kostnadsef...
Customer Cases Workforce Zero Trust

Landets IT-chefer överens – säkerheten har högsta prioritet

4 september, 2023
Landets IT-chefer överens - säkerheten har högsta prioritet De senaste åren har dominerats av stora kriser, först pandemin och därefter följderna ...
Citizen ID Customer Cases PKI

Kenya ushers in a new era of eCitizen services with National PKI

30 juli, 2023
Nexus PKI enables ICT Authority to facilitate secure growth of national digital infrastructure and achieve compliance with global standards.