1. Home
  2. /
  3. Use cases
  4. /
  5. Get started with EJBCA open-source PKI

Get started with EJBCA open-source PKI

You can get started with EJBCA Public Key Infrastructure (PKI) and issue certificates for your applications and devices in no time.

hero-sub-2

Challenge

Move away from self-signed certificates

While self-signed certificates and OpenSSL can be used for basic PKI needs, other PKIs and certificate authorities offer several advantages that make them a better choice for organizations that require more robust and secure certificate-issuing systems. 

Engineers and developers must prioritize security from the beginning to avoid future risks and costs. During the prototyping and testing phases, plan for scalability and avoid neglecting security. This ensures a secure solution that can adapt to changing needs.

arrow

Solution

EJBCA, a robust and secure PKI

You can quickly get started with EJBCA PKI to issue certificates for your applications and devices by using our tutorial videos, how-to guides, and documentation. You can learn how to:

  • Start EJBCA Docker container as an ephemeral instance
  • Start EJBCA Docker container in a production-like setting
  • Upgrade your EJBCA Docker container to the latest version
  • Install EJBCA from source from GitHub
  • In Kubernetes using Helm
  • Using our open-source Ansible playbooks, on GitHub, that deploy EJBCA from the source
  • Retrieve Certificate Revocation Lists from EJBCA
  • Get started with Online Certificate Status Protocol (OCSP) in EJBCA

Next, you can configure your PKI hierarchy, define your certificate profiles, and set up your Certificate Authority (CA). Once your CA is set up, you can begin issuing certificates, managing revocation and renewal, and monitoring the health of your PKI system.

Tutorials

EJBCA logo website
Get started
2023-04-24

Start EJBCA Docker container, ephemeral instance

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
Dockerhub
EJBCA logo website
Get started
2023-03-21

Start EJBCA Docker container, production-like settings

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
Dockerhub
Automation
Get started
2023-03-01

Start EJBCA Using our Helm chart

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
HELM
EJBCA logo website
Get started
2023-02-05

Deploy EJBCA from source code

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
GITHUB
EJBCA logo website
Automation
2023-01-10

Deploy EJBCA with Ansible

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
ansible
EJBCA logo website
Get started
2023-12-17

Retrieve Certificate Revocation Lists from EJBCA

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
EJBCA
EJBCA logo website
Get started
2023-12-17

Get started with Online Certificate Status Protocol (OCSP) in EJBCA

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
EJBCA
EJBCA logo website
Get started
2023-11-16

Upgrade your EJBCA Docker container to the latest version

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
Docker Hub
EJBCA logo website
Automation
2023-06-18

Automated certificate issuing via EJBCA REST

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
PYTHON / POSTMAN
EJBCA logo website
DevOps
Get started
TLS & mTLS
2023-05-11

Certificate management in Kubernetes with cert-manager and EJBCA

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
CERT MANAGER
Automation
Get started
2024-08-20

Clean up Microk8s Cluster and Redeploy EJBCA with Helm

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
HELM
EJBCA logo website
Get started
2024-06-06

Secure Login with YubiKey to EJBCA PKI

In most secure installations, administrator login keys are stored on an external token, such as YubiKey, rather than in soft key stores on the local machine.  EJBCA requires certificate-based authentication for administrators. YubiK...
EJBCA
EJBCA logo website
DevOps
Get started
2024-01-18

Use EJBCA PKI with HashiCorp Vault

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
EJBCA

Get inspired

Stay up to date with the latest news and blog articles, and find out about upcoming events related to EJBCA.

PKI hierarchies - 1, 2, 3 tiers ?
Post-Quantum Cryptography
Tech Update
Ejbca
Signserver
8 April, 2025

#KEYMASTER: When Are You PQC Ready?

The journey to post-quantum cryptography (PQC) readiness is more than just ad...
Keyfactor Release
Implementing Cryptography
Installation & Deployment
Post-Quantum Cryptography
Release
Ejbca
Signserver
31 March, 2025

EJBCA 9.1 Community is Here!

EJBCA 9.1 Community edition brings the latest advancements in PKI and cryptog...
PKI hierarchies - 1, 2, 3 tiers ?
DevOps
Installation & Deployment
Signing
Tech Update
Ejbca
Signserver
26 March, 2025

#KEYMASTER: Bringing Transparency to Software Supply Chains – A Deep Dive into SLSA

In this #KEYMASTER episode, host Sven Rajala is joined by Fredrik Skogman fro...

Related open-source projects

This website uses cookies

Cookies consist of small text files. They contain data that is stored on your device. To enable us to place certain types of cookies we need to obtain your consent. At PrimeKey Solutions AB, corp. ID no. 556628-3064, we use the following kinds of cookies. To read more about which cookies we use and storage times, click here to access our cookies policy.

Manage your cookie-settings

Necessary cookies

Check to consent to the use of Necessary cookies
Necessary cookies are cookies that must be placed for basic functions to work on the website. Basic functions are, for example, cookies which are needed so that you can use menus on the website and navigate on the site.

Functional cookies

Check to consent to the use of Functional cookies
Functional cookies need to be placed on the website in order for it to perform as you would expect. For example, so that it recognizes which language you prefer, whether or not you are logged in, to keep the website secure, remember login details or to be able to sort products on the website according to your preferences.

Cookies for statistics

Check to consent to the use of Cookies for statistics
For us to measure your interactions with the website, we place cookies in order to keep statistics. These cookies anonymize personal data.

Cookies for ad-tracking

Check to consent to the use of Cookies for ad-tracking
To enable us to offer better service and experience, we place cookies so that we can provide relevant advertising. Another aim of this processing is to enable us to promote products or services, provide customized offers or provide recommendations based on what you have purchased in the past.

Ad measurement user cookies

Check to consent to the use of Ad measurement user cookies
In order to show relevant ads we place cookies to tailor ads for you

Personalized ads cookies

Check to consent to the use of Personalized ads cookies
To show relevant and personal ads we place cookies to provide unique offers that are tailored to your user data