Why your organization should migrate to Nexus' certificate authority (CA)

At Nexus, we often meet organizations that outgrow their current certificate authority (CA) software, due to operational needs such as lack of multi-tenancy, scalability, or not meeting compliance and regulatory requirements. However, making the transition to a new CA platform can be a daunting task as there needs to be the assurance that there is a seamless PKI migration without any downtime for users or servers. The Nexus Smart ID Certificate Manager ensures a smooth migration and is well-suited for those who want to switch from CAs such as Microsoft’s ADCS or consolidate their different CA systems.

Smart ID Certificate Manager is a flexible, scalable and high-security certificate authority (CA) platform for hosting one or more public key infrastructure (PKI) setups. The Nexus solution supports a wide range of certificate enrollment protocols, which enables organizations to issue, manage, and validate certificate-based electronic identities (eIDs) for people, infrastructure, and things. The software can be used for customized operations on-premises or in a hosted environment.

With Nexus’ long experience of PKI and history of migrating from many CA technologies, you can rest assured that you get the support you need during a migration.

Supporting digitalization and future use cases

Through the explosion of mobile services and IoT, an increasing number of organizations need digital certificate issuance services. PKI is a preferred deployment method for providing people, software and things with an eID as well as the ability to manage and validate these identities throughout their entire lifecycle. To support the growing dependency and business criticality, organizations need to select PKIs with a strong root of trust. Securing the process of issuing and managing certificates enables organizations to establish a great foundation for digital security.

Ensuring your CA can scale and grow along with your organization is important. This means your CA should include a high-volume threshold to keep up with your future needs. Smart ID Certificate Manager issues eIDs for millions of users and things and is trusted by numerous banks, enterprises, mobile network operators, defense organizations, and device manufacturers all over the world.

Whether used by a small organization or larger enterprise, CAs should be able to automate the full lifecycle management for certificates, to prevent certificate expiry and avoid risking service interruptions. Manually tracking and renewing certificates costs time and money and often creates mistakes that could have been easily avoided. The Nexus solutions offer ready-to-use workflows, automation and self-service features to make lifecycle management easy and smooth. The REST API and ACME protocol options enable the DevOps use cases with automated deployment and scaling at a high load, for virtualization with Docker, Kubernetes, or other deployment scenarios.

High security and compliance standards

Compliance standards are also continuing to rise and companies in industries with substantial regulatory requirements, including financial services and healthcare, are becoming more likely to choose internal CA as their primary PKI deployment method. Many organizations need a certificate authority that can support protocols such as EST, SCEP, REST, ACME, or web services. It’s necessary for your CA software to be able to keep up with changing requirements and protocols without causing additional work or updates. With Nexus Windows Enrollment Proxy (WinEP) and the new support for Intune, Nexus’ platform has the same basic functionality as ADCS but with extended security and flexibility.

Common Criteria for Information Technology Security Evaluation (CC) certification is required by organizations and governments to protect their business-critical infrastructures. CC is the widest available mutual recognition of secure IT products. The Common Criteria certification provides a guarantee for quality, reliability and security and is often required due to increased demand on information security driven by national or international regulations. Smart ID Certificate Manager is Common Criteria EAL4+ certified.

Smart ID Certificate Manager Features

There is a range of benefits to migrating to Smart ID Certificate Manager. Key features include:

  • Certified security - Evaluated according to Common Criteria EAL4+.
  • Secure operation – All steps are protected by PKI, and security is enforced using officer certificates and the four-eye principle for critical configuration changes.
  • Device flexibility – Suitable for many device types, by support for many open standards and protocols, such as CMP, EST, ACME, SCEP and REST API.
  • Performance and scalability – Certificate Manager can scale with complex environments and issue thousands of certificates per second.
  • Offered as a service – With the CM SDK proxy, the Certificate Manager can be offered as a service for use with all protocols.
  • Multitenancy – One CA can issue certificates to separate tenants, for example to multiple Windows domains.



More information

Learn more about the Nexus Smart ID Corporate PKI, a flexible and scalable solution that can be used by any organization to issue, manage and validate certificate-based digital identities for mixed endpoint environments that include people, infrastructure and things.

The Corporate PKI module can be used stand-alone or as an add-on to Digital ID to replace Microsoft ADCS or any other CA or PKI platform.

Want to get started? Contact us!




Read the latest news

Customer Cases Workforce

Strömsunds kommun väljer GO Workforce för att säkerställa säkra identiteter  

24 oktober, 2022
Strömsunds kommun väljer GO Workforce för att säkerställa säkra identiteter för sin personal inom vård och omsorg   Strömsunds kommun har valt Ne...
Customer Cases Partner Workforce

Diamond Trust Bank renews its trust in Nexus

22 juli, 2022
To further strengthen its cybersecurity resilience, Diamond Trust Bank chose Nexus Smart ID to enable secure digital access for its employees acros...
Customer Cases PKI

Nexus enables Trust Service Provider, Audkenni, to offer digital security solutions in Iceland

29 juni, 2022
Nexus enables Audkenni to issue next generation qualified digital identities in Iceland Audkenni, the main trust service provider in Iceland, has ...