EJBCA Integration Guide: Introduction

This guide explains how to configure the CipherMail gateway to connect to an external EJBCA server for handling certificate requests.

EJBCA (https://ejbca.org/) is a widely used, flexible, enterprise Java based open source CA server. Ciphermail contains basic CA functionality. If however more advanced CA functionality is required, for example add constraints to the issued certificates, EJBCA is advised.

Note

This guide assumes that a CipherMail gateway and an EJBCA server have already been setup and that the EJBCA server is setup to accept incoming connections to the Web Service Interface.

For testing the integration without requiring a full EJBCA install, we recommend to use the Primkey EJBCA docker image. For this guide, EJBCA has been started using the following docker command:

docker run -it --rm -p 8081:8080 -p 8444:8443 -h 127.0.0.1 primekey/ejbca-ce