Key Management System (KMS)
for managing technology certificates
Servers, computers, websites, IoT or medical devices. Even technical elements have an identity that needs to be secured and protected. Our solution is called KMS – Key Management System.
Extension of the PKI infrastructure with a technology branch
KMS is a comprehensive solution for protecting the technical elements of the infrastructure, storing digital keys and distributing them. It enables clear identification of individual devices and digital certificate management.
KMS – central point of technology certificate management
KMS (Key Management System) is a comprehensive environment that enables secure encrypted communication of devices, servers and applications and authentication of devices within the network.
KMS provides:
- A single place to view devices and their active certificates
- Elimination of certificate expiration failures (server-client communication, P2P)
- A central location for storing crypto material – key storage
- Import of certificates into the key storage
- Minimization of necessary manual intervention by ITS administrator
Supported communication protocols
- Telecommunication elements, 4G, 5G – Certificate Management Protocol (CMPv2)
- Microsoft, CISCO – Certificate Management over CMS (CMC)
- VMware, cryptographic operations – Key Management Interoperability Protocol (KMIP)
- MDM (NDES), Linux, Microsoft, CISCO – Simple Certificate Enrollment Protocol (SCEP)
- RH OpenShift, Kubernetes – Automatic Certificate Management Environment (ACME)
- Enrollment over Secure Transport (EST) – SCEP protocol successor
Main KMS use cases
- Certificate and key lifecycle management
- Certificate issuance and distribution
- On-demand certificate exchange
- Expiry notification
- Integration with Certification Authorities
- Key storage (HSM), SIEM with NTP
- Web interface for KMS administration
- Built on top of Kubernetes cluster
