News 20 Apr, 2021

EJBCA® Enterprise achieves Common Criteria certification

We are proud to announce that PrimeKey’s EJBCA Enterprise has achieved Common Criteria certification conformant to the Protection Profile for Certification Authorities, a Collaborative Protection Profiles (cPP) approved by the National Information Association Partnership (NIAP). This means that we have demonstrated adherence to the high set standards of the Common Criteria Recognition Agreement, used, trusted, and often required by entities such as the U.S. Government.

Common Criteria is the widest available mutually recognized IT security certification of IT products. It is a certification that many governments require for products used in critical IT infrastructure. PrimeKey’s products have been certified by Common Criteria before and have now passed the rigorous evaluation process again.

In the words of Jerome Bordier, Directeur Associé at SealWeb, an independent company: “In brief, CC-evaluation of a PKI software with respect to the PP4CA is an efficient way to obtain a well-founded assurance that the said software actively contributes to the security of the CA’s and HSM’s IT security environment and to the conformance of the CA’s organization and practices to the ETSI EN 319411/319401 standards.”

For a PKI (Public Key Infrastructure) product, such as EJBCA Enterprise, to become Common Criteria Certified, you need to complete a series of stages:

  • Creation of the Security Target
  • Approval of the certification with the Certification Body
  • Lab Evaluation (testing)
  • Lab report
  • Certification by the Certification Body

“We are proud to have achieved the Common Criteria certification for EJBCA Enterprise.” said Harry Haramis, General Manager of PrimeKey U.S. “It is yet another proof point of the level of quality and security of PrimeKey’s products. It will also open the door for continued deeper discussions with federal agencies about their security solutions.”

Read more on the PrimeKey website:

PrimeKey News