.png){kind=logo}
EJBCA Appliance eIDAS Model Specifications
EJBCA Appliance eIDAS edition is a hardware appliance that offers the complete feature set needed to operate a comprehensive, highly available PKI. It is based on EJBCA Enterprise, with easy-to-use management functions, high-performance hardware and a built-in FIPS 140-2 Level 3, certified Hardware Security Module (HSM).
The EJBCA Appliance eIDAS edition model supports up to 15 million certificates.
EJBCA Appliance eIDAS Model
The model includes EJBCA Enterprise eIDAS edition with a core library for Certificate Authority (CA), Registration Authority (RA), and Validation Authority (VA) functionality capable of hosting an unlimited number of CAs.
Model Specification Overview
The following provides a model specification.
EJBCA Appliance eIDAS | |
|---|---|
| Technology stack: EJBCA Enterprise & Secure Linux (Prime LFS) |  |
| Protocols & API’s | |
| OCSP | |
| SCEP | |
| CMP | |
| EST | |
| ACME | |
| WebServices API | |
| REST API | |
| Key Features | |
| Certificate Capacity * | Up to 15 M |
| Secure & Automated Backup Mechanism | |
| 2 Factor Authentication | |
Common Criteria PP5 certified HSM according to PP EN 419 221-5 “Cryptographic Module for Trust Services” | |
| Standard performance HSM inside | |
| Dedicated Mng & App Interfaces | |
| Redundancy | |
| SNMP, Syslog, Audit Log | |
| Accessories | |
| SmartCards | 10 |
| PinPad Reader | 1 |
| External Battery adapter | |
For testing purposes, it is possible to run CA, VA, and RA on one single instance of the appliance.
*Based on EJBCA Version 7.3.x, audit log on, typical key sizes (RSA 3072 SHA 384 with RSA), typical subject DN length: 100 characters. Synthetic benchmark with a certificate revoked once a second and no further system usage.