Why your organization should migrate to Nexus' certificate authority (CA)

At Nexus, we often meet organizations that outgrow their current certificate authority (CA) software, due to operational needs such as lack of multi-tenancy, scalability, or not meeting compliance and regulatory requirements. However, making the transition to a new CA platform can be a daunting task as there needs to be the assurance that there is a seamless PKI migration without any downtime for users or servers. The Nexus Smart ID Certificate Manager ensures a smooth migration and is well-suited for those who want to switch from CAs such as Microsoft’s ADCS or consolidate their different CA systems.

Smart ID PKI is a flexible, scalable, and high-security certificate authority (CA) platform for hosting one or more public key infrastructure (PKI) setups. The Nexus solution supports a wide range of certificate enrollment protocols, which enables organizations to issue, manage, and validate certificate-based electronic identities (eIDs) for people, infrastructure, and things. The software can be used for customized operations on-premises or in a hosted environment.

With Nexus’ long experience with PKI and history of migrating from many CA technologies, you can rest assured that you get the support you need during a migration.

Supporting digitalization and future use cases

Through the explosion of mobile services and IoT, an increasing number of organizations need digital certificate issuance services. PKI is a preferred method for providing people, software, and things with an eID as well as the ability to manage and validate these identities throughout their entire lifecycle. To support the growing dependency and business criticality, organizations need to select PKIs with a strong root of trust. Securing the process of issuing and managing certificates enables organizations to establish a great foundation for digital security.

Ensuring your CA can scale and grow along with your organization is important. This means your CA should include a high-volume threshold to keep up with your future needs. Smart ID Certificate Manager issues eIDs for millions of users and things and is trusted by numerous banks, enterprises, mobile network operators, defense organizations, and device manufacturers all over the world.

Whether used by a small organization or a larger enterprise, CAs should be able to automate the full lifecycle management for certificates, to prevent certificate expiry and avoid risking service interruptions. Manually tracking and renewing certificates costs time and money and often creates mistakes that could have been easily avoided. The Nexus solutions offer ready-to-use workflows, automation, and self-service features to make lifecycle management easy and smooth. The REST API and ACME protocol options enable the DevOps use cases with automated deployment and scaling at a high load, for virtualization with Docker, Kubernetes, or other deployment scenarios.

High security and compliance standards

Compliance standards are also continuing to rise and companies in industries with substantial regulatory requirements, including financial services and healthcare, are becoming more likely to choose internal CA as their primary PKI deployment method. Many organizations need a certificate authority that can support protocols such as EST, SCEP, REST, ACME, or web services. It’s necessary for your CA software to be able to keep up with changing requirements and protocols without causing additional work or updates. With Nexus Windows Enrollment Proxy (WinEP) and the new support for Intune, Nexus’ platform has the same basic functionality as ADCS but with extended security and flexibility.

Common Criteria for Information Technology Security Evaluation (CC) certification is required by organizations and governments to protect their business-critical infrastructures. CC is the widest available mutual recognition of secure IT products. The Common Criteria certification provides a guarantee for quality, reliability, and security and is often required due to increased demand for information security driven by national or international regulations. Smart ID Certificate Manager is Common Criteria EAL4+ certified.

Smart ID PKI Platform 

There is a range of benefits to migrating to Smart ID Certificate Manager. Key differentiators include:

  • Certified security: Evaluated according to Common Criteria EAL4+
  • Secure operation: All steps are protected by PKI, and security is enforced using officer certificates and the four-eye principle for critical configuration changes
  • Device flexibility: Suitable for many device types, by support for many open standards and protocols, such as CMP, EST, ACME, SCEP, and REST API
  • Performance and scalability: Certificate Manager can scale with complex environments and issue thousands of certificates per second
  • Offered as a service: With the CM SDK proxy, the Certificate Manager can be offered as a service for use with all protocols
  • Multi-tenancy: One CA can issue certificates to separate tenants, for example to multiple Windows domains

Evaluating PKI Platforms? Download comparison guide




More information

Learn more about the Nexus Smart ID PKI platform, a flexible and scalable solution that can be used by any organization to issue, manage and validate certificate-based digital identities for mixed endpoint environments that include people, infrastructure, and things.

The Corporate PKI module can be used stand-alone or as an add-on to Digital ID to replace Microsoft ADCS or any other CA or PKI platform.

Want to get started? Contact us!




Read the latest news

Citizen ID Customer Cases PKI

Pantasign strengthens trust in India’s digital ecosystem with Nexus PKI

25 March, 2024
Pantasign is leading the way towards a trusted digital authentication ecosystem to meet the changing security requirements of India's digital lands...
Blog Citizen ID News PKI Press release

Nexus strengthens its mission to secure society with Asia PKI Consortium

25 March, 2024
Nexus' decision to join the APKIC aligns with its commitment to develop standards and principles that foster PKI interoperability.
Citizen ID Customer Cases PKI

XtraTrust empowers secure digital transformation in India with Nexus PKI

21 March, 2024
XtraTrust empowers secure digital transformation in India with Nexus Smart ID PKI