The Cryptomathic Certification Authority (CA) is a high-security public key infrastructure (PKI) enabling service. It allows organisations to take full control of certificate management, in order to establish a trusted networking environment and secure transactions. The main purpose of the Cryptomathic CA is to issue and manage the certificates of users, service providers, applications and appliances. This enables organisations to meet individual security requirements for using digital signatures across applications and platforms taking a clear and comprehensible approach.

One Certificate Authority - Multiple Applications

Securely managing all the certificate protocols in real-time, the Cryptomathic CA is used to secure a wealth of applications, including:

  • eGovernment, e.g. public services
  • Trusted Platform Module (TPM)
  • ID card
  • ePassport
  • Enterprise, e.g. email
  • Digital Rights Management (DRM)
  • eBanking, including payment transfers
  • Utilities, such as smart meters for electricity, gas and water

CA diagram-1(2)

Certification Authority Protocols

Cryptomathic CA is based on the X.509 standard and complies with security standards, including top-end FIPS levels. It supports all common communication protocols, such as:

  • Publish certificate revocation lists (CRLs) to notify users of expired certificates
  • Verify the identity of a device or user through certificate authentication
  • Securely generate, store and manage keys, including the root key
  • Certificate issue for applications, devices and users
  • Maintain a secure tamper resistant audit log

CA Diagram


Designed as a flexible client-server solution that enables customers to tailor it to the meet the specific needs of their organisation. Easy integration with other PKI components coupled with high-end and transparent security provides a cost-effective and convenient solution to establish and maintain your trusted network environment.

Cost Efficiency

Some organisations may consider whether to acquire and operate a CA or to buy a CA service from an existing service provider. Running and operating the Cryptomathic CA is the most cost efficient solution for organisations regardless of the type of certificates they issue. The more certificates are issued the stronger the business case for acquiring Cryptomathic CA with ROI in as little as one year.

Central to managing costs, organizations should use the CA in a seamless and automated manner, allowing the CA to perform its core tasks, whether it is being used for ePassport issuing, smart metering, etc.