Implementing Private PKI with IronWiFi

Implementing Private PKI with IronWiFi

Thanks to our modular PKI infrastructure we are able to offer the Private PKI for our most demanding customers. Whilst security level of our standard offering leaves nothing to be desired, we are able to offer two additional solutions for our Enterprise customers that are interested in issuing the Client and Device certificates via SCEP using their own Issuing Certificate Authorities.

The first option is for the customer to order the hybrid solution, where our Root Certificate Authority signs the Private Signing Certificate Authority for the client, and all client and device certificates requested via SCEP will be signed by their own Private CA. The private key is generated in the HSM and is non-exportable.

The second option is for the customer to generate their own Private CA's keypair and either wrap the private key for secure sending it to us, where we upload it to our HSM based Key Management System infrastructure, or generate the private key in their own Cloud / On-Prem based HSM and allowing our SCEP signing server to access the API over the secure tunnel.

If you are interested in implementing your own Private PKI backed by the secure and robust IronWiFi PKI infrastructure, please get in touch by emailing us at support@ironwifi.com or give us a call at +1(800) 963 6221

    • Related Articles

    • Implementing Private PKI with IronWiFi

      Thanks to our modular PKI infrastructure we are able to offer the Private PKI for our most demanding customers. Whilst security level of our standard offering leaves nothing to be desired, we are able to offer two additional solutions for our ...

    • IronWiFi PKI Infrastructure

      The old Root CA certificate has expired on May 18, 2024. You can download the new certificates below. Hardware-Backed Security IronWiFi PKI infrastructure employs the latest industry standards for the private key protection, relying on the HSM ...

    • IronWiFi PKI Infrastructure

      The old Root CA certificate has expired on May 18, 2024. You can download the new certificates below. Hardware-Backed Security IronWiFi PKI infrastructure employs the latest industry standards for the private key protection, relying on the HSM ...

    • SCEP with Intune - IronWiFi PKI - User Auth

      The Simple Certificate Enrollment Protocol (SCEP) is a protocol that allows devices to easily enroll for a certificate by using a URL and a shared secret to communicate with a PKI. This is a guide for setting up SCEP with IronWiFi's new multi-tiered ...

    • SCEP with Intune - IronWiFi PKI - Device Auth

      The Simple Certificate Enrollment Protocol (SCEP) is a protocol that allows devices to easily enroll for a certificate by using a URL and a shared secret to communicate with a PKI. This is a guide for setting up SCEP with IronWiFi's new multi-tiered ...