Deployment

The EJBCA container set is deployed using Helm, a Kubernetes package manager for deploying Helm charts. Deploying EJBCA using our Helm chart reduces setup complexity and simplifies the process of setting up EJBCA in your environment.

To quickly get started and try out EJBCA by deploying the container using a single command, see Getting Started and for a list of Helm deployments parameters, see EJBCA Helm Deployment Parameters.

Custom deployments

EJBCA Enterprise is often deployed as a cluster of multiple Certificate Authority (CA), Registration Authority (RA), and Validation Authority (VA) instances. For improved performance and security, EJBCA Enterprise can be set up to communicate with other instances of EJBCA acting as Registration Authority (RA) and/or Validation Authority (VA) using the peer protocol. For more information, see Deploy CA in Kubernetes and Deploy RA and VA in Kubernetes .

Deploy with automation ENTERPRISE

The EJBCA Enterprise PKI configuration export/import tool EJBCA ConfigDump allows you to deploy EJBCA Enterprise instances with automation. File-based configuration of EJBCA resources allows you to configure EJBCA to read Kubernetes ConfigMaps and Secrets to create resources during EJBCA deployment. This significantly reduces installation effort, and brings the advantage of replicating an existing setup. You can, for example create a setup of EJBCA instances in your development cluster, export the configuration from the environment, and then create an installation in your staging or production cluster and import the ConfigDump export. For more information, see Advanced Deployments.