Components – SwissPKI
The Swiss Managed Public Key Infrastructure as a Service. Certification Authorities, Registration Authorities, Time Stamp Service, Online Certificate Responder, Hardware Security Modules.
SuissePKI, SwissPKI, Suisse PKI, Swiss PKI, PKI, Public Key Infrastructure, security, HSM, hardware security module, encryption, digital signature, authentication, smart card, certificate authority, identity management, X.509 certificate, certificate,, Primus HSM, Primus Cloud HSM, Primus
page-template-default,page,page-id-366,ajax_fade,page_not_loaded,,footer_responsive_adv,qode-content-sidebar-responsive,qode-theme-ver-13.5,qode-theme-bridge,disabled_footer_bottom,wpb-js-composer js-comp-ver-5.4.5,vc_responsive



SwissPKI is a Public Key Infrastructure which delivers robust hardware based centralized key management backed up by strong cryptography to protect your business processes.


The solution addresses large scale cryptographic key management life-cycle, online hardware-to-hardware key distribution, tamper proof audit as well as usage logs for compliance with standards and covers the complete certificate and key management life-cycle.


SwissPKI integrates with the Primus Cloud or On-Premises HSMs, taking full advantage of the built-in backup and replication mechanisms. Advanced Primus HSM features include securing all keys and PKI meta data objects directly in hardware on the HSM partition.


SwissPKI reduces your operational overhead, reduces costs and increases security: no more licensing, maintenance and support of dedicated systems such as database servers, application and archive servers, monitoring and controls systems.

Retro auction or judge wooden gavel in front black wall background. Symbol of justice. Vintage old style filtered photo

Certification Authorities

  • Deploy single or complex lattice connected Certificate Authorities in a few mouse clicks to set up the essential trust between users and systems.
  • Create multiple PKI Communities each supporting multiple certification authorities, certification authority subordination and certification authority cross-signing.
  • Interconnect each certification authority with any satellite component within the PKI community.
  • Manage users using role based access control: Certificate Authority Officer, Registration Authority Officer, Authorizers and Auditors.  
  • Define registration policy templates and assign validation rules to single policy attributes. Publish registration policies to registration groups.

Registration Authorities

  • Register users and systems in a controlled and authenticated manner while applying predefined or custom certification policies.
  • SwissPKI helps you keep track of your registration records through Registration Officer Roles.
  • Create certificate template validation rules using the Certificate Policy Editor and apply run time validations to any X.509 field when issuing certificates.
  • Use pre-defined validation templates or provide your own pre or post validation micro services validate TBS or certificate structure against existing or external data sources.
  • Associate certificate registration policies to registration groups, including list of individual pre and post validators and authorizers if required by your business processes.
  • Advanced REST Service interface for automation.

Bridge in the dark
Satellite dish sky in twilight in the city

Satellite Services

  • Satellite Services regroup out-of-the box standard X.509 services which you do not need to install and configure separately.
  • The SwissPKI solution integrates compliant Time Stamp Service, Online Certificate Responder (OCSP), Certificate and CRL Publisher and Document Signer Service.
  • Satellite services are part of  the SwissPKI as standard modules and deployed, activated or deactivated within seconds by trusted operators.
  • Reduce your operational overhead and take advantage of the turnkey built-in PKI services.

Hardware Securiry Modules

  • SwissPKI provides interoperability with all major Hardware Security Modules.
  • A Hardware Security Module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing.
  • The HSMs come in the form of external devices that attach to a network. They provide accelerated cryptographic operations such as encryption and digital signatures.
  • The solution offers advanced features with the Primus HSM.

Securosys Clouds HSM