Skip to main content
Skip table of contents

Prerequisites

Before you begin deploying EJBCA and SignServer to cloud environments, make sure you have the following systems and tools in place:

  • Kubernetes v1.19+

  • Helm v3+

  • External access management:

    • Ingress NGINX: Follow the Ingress-Nginx Controller Installation Guide to set up Ingress NGINX. Enable NGINX controller snippets to allow certificate authentication, by setting controller.allowSnippetAnnotations=true in your Helm chart deployment. The setting is disabled by default as of Ingress NGINX version v1.9.0.

    • EJBCA only: A Network LoadBalancer such as a cloud-provider-managed load balancer, or MetalLB may be used. For EJBCA deployments, a Network LoadBalancer is recommended for enhanced security.

  • Supported database (for non-ephemeral instances):

    • MariaDB

    • MySQL

    • PostgreSQL

    • Oracle Database

    • Microsoft SQL Server

  • Hardware Security Module (HSM):

    • SoftHSM2 (not for production use)

    • Thales Luna

    • Utimaco CryptoServer

    • Microsoft Azure Key Vault and Managed HSM

    • Fortanix Data Security Manager

  • EJBCA or another Certificate Authority for infrastructure and signer certificates. ​​

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close