KeyTalk CKMS for PKI automation
KeyTalk CKMS is used to manage the certificate and PKI lifecycle. You can use it to automate most processes, including deploying certificates to servers or client devices. It cooperates with all advanced types of servers, authentication services and clients. The possibilities of its use are thus practically unlimited!
Easy to obtain certificates
In addition to issuing a certificate, which is usually easy, you also need to deploy it to the user's server or PC. This can be a lengthy process and take up a lot of time of IT administrators, who have to renew the certificate always once a year. Fortunately, there are also tools for central management and automation that can make your life much easier.
Key benefits of KeyTalk:
- Certificate lifecycle management and secure storage (possibility to use HSM).
- Web administration of the entire server.
- Automatic issuance of various types of certificates thanks to the connection to the CA API.
- Downloading certificates to the user and setting up a certificate store.
- Timely certificate renewal.
Extensive technology support
KeyTalk is a universal solution that can handle a wide range of technologies. Below are the best known supported technologies that KeyTalk can work with.
- Active Directory (Azure AD)
- LDAP server
- Windows, Linux and MacOS OC
- Android, iOS smartphone
- Windows server and IIS, Apache, Tomcat
- Thales/Gemalto/SafeNet HSM
- Radius, MySQL
- Office 365
- Google cloud
Practical examples of deployment and possibilities for using the KeyTalk server can be found on our blog in the Automatization section.
Operation and license of the service
KeyTalk is available to customers through KeyTalk and DigiCert partners. The manufacturer provides a downloadable server image ready to run in HyperV/VMware or in the cloud (AWS, Azure, Google). You then administer the server with KeyTalk and have full control over the data. If you do not want to manage the server, it is possible to use the hosted variant which runs in the KeyTalk data centre in Amsterdam. More information is here.
KeyTalk needs to be covered by an annual server license (fixed part) and by user licensing. The license fee is calculated for each user (a so-called seat) and is required to issue and install the certificate. If you want to have trusted email signatures, you will definitely need to buy a trusted S/MIME certificate from DigiCert for each user (via us, we will connect you to the DigiCert API). Otherwise, you can use the internal CA KeyTalk server, which is not trusted by external recipients.
Licensing is transparent and does not include additional hidden fees; however, the hosted variant is simpler. We will be happy to prepare a non-binding offer for you.
The hosted KeyTalk variant saves you money
If you do not want to run the KeyTalk server yourself and you want to save on cloud services and the administrator, then you will be interested in the fully hosted KeyTalk CKMS variant (H-CKMS). The server is in DC in Amsterdam and uses HSM (Thales Luna model 7) to store the keys. In addition to cost savings, you will also get great service availability.
You get KeyTalk through DigiCert partners
DigiCert, of which we are a platinum partner, is one of KeyTalk’s technological partners. This allows us to bring this revolutionary technology to our customers and help them with their deployment, so you can handle everything with us in your native language.
Do not hesitate to contact us for more information. We are here for you and we will be happy to meet your requirements and find out how you want to use KeyTalk. After a non-binding and free consultation, we will certainly be able to help you with PKI automation, which brings not only better efficiency and savings, but also higher security for certificate use.