EJBCA Container Set
The EJBCA container set offers components and resources designed to facilitate the deployment and management of EJBCA in various environments. It includes distinct containers for different functionalities, Helm charts for easy orchestration, and integration with Hardware Security Modules (HSMs). The following lists key components and resources.
EJBCA Container Set Components
EJBCA containers
EJBCA Enterprise Edition:
ejbca-ee
- full EJBCA Enterprise functionality.ejbca-ee-ra
- Registration Authority (RA).ejbca-ee-va
- Validation Authority (VA).
Community Edition:
ejbca-ce
- EJBCA Community
Helm Charts
ejbca
- EJBCA Enterprise Editionejbca-ce
- EJBCA Community Edition
HSM sidecar containers
hsm-driver-utimaco
- Utimaco CryptoServerhsm-driver-luna7
- Thales Luna Network HSM 7hsm-driver-softhsm
- SoftHSM (for non-production use)
Container registries
EJBCA Enterprise containers are available on the Keyfactor Container Registry.
docker pull registry.primekey.com/primekey/ejbca-ee
EJBCA Community containers are available on Docker Hub.
docker pull keyfactor/ejbca-ce
Helm Chart registries
EJBCA Helm charts are hosted in the Keyfactor Registry.
Enterprise
helm pull oci://repo.keyfactor.com/charts/ejbca --version <VERSION>
Community
helm pull oci://repo.keyfactor.com/charts/ejbca-ce --version <VERSION>
Variant containers
By default, EJBCA Helm charts will deploy containers that run the full EJBCA functionality. If you wish to use the Enterprise VA and RA container offerings, you can do so by using the image.variant
Helm Deployment Parameter with either a ra
or va
value.
If you use a private container registry with images imported under names that do not match ejbca-ee
, ejbca-ee-ra
, and ejbca-ee-va
, use the image.repository
parameter with the appropriate image name in your registry.
Optionally deployed resources
Resource | Version | Reference | License |
---|---|---|---|
Ingress NGINX | Tested with 1.9.X | Apache License 2.0 | |
| 1.27.0 | Apache License 2.0 |
Software Bill of Materials
For a list of components and libraries used in the EJBCA containers, see the attached Software Bill of Materials (SBOM) files:
The SBOM is generated in Cyclone DX format, a lightweight Software Bill of Materials (SBOM) standard, designed for use in application security contexts.
The EJBCA Enterprise container SBOMs are version-specific and updated when a new release is made available.