EJBCA Deployment

EJBCA Enterprise is often deployed as a cluster of multiple Certificate Authority (CA), Registration Authority (RA), and Validation Authority (VA) instances. For improved performance and security, EJBCA Enterprise can be set up to communicate with other instances of EJBCA acting as Registration Authority (RA) and/or Validation Authority (VA) using the peer protocol. For more information, see Deploy RA and VA in Kubernetes .

Deploy with automation ENTERPRISE

The EJBCA Enterprise PKI configuration export/import tool EJBCA ConfigDump allows you to deploy EJBCA Enterprise instances with automation. File-based configuration of EJBCA resources allows you to configure EJBCA to read Kubernetes ConfigMaps and Secrets to create resources during EJBCA deployment. This significantly reduces installation effort, and brings the advantage of replicating an existing setup. You can, for example create a setup of EJBCA instances in your development cluster, export the configuration from the environment, and then create an installation in your staging or production cluster and import the ConfigDump export. For more information, see Advanced Deployments.