Core Features

Khatim PKI Server adheres to the industry standards set by Web Trust, IETF and CA/B Forum for Certification Authorities including RFC 5280. Khatim PKI Server helps organizations in joining root certification programs by providing the necessary functionalities and features to meet their requirements.

Integrate with your existing HSMs using PKCS#11 like Entrust nShield, Thales Luna, Protect Server, Utimaco Cryptoserver etc. It also seamlessly integrates with non PKCS#11 based HSM like Microsoft Azure Key Vault, AWS Cloud HSM and Google Cloud HSM.

The Khatim PKI server is platform-independent, making it compatible with both Windows and Linux. It can be deployed in various environments such as:

Khatim PKI Server can be clustered, minimizing latency enabling high throughput. It allows for new servers to be added seamlessly without the need to stop running instances, ensuring uninterrupted service for your business. Khatim PKI Server can meet the growing needs of your enterprise and ensure that your digital security infrastructure can keep pace with your business growth.

Trusted personnel can only access CA functions via powerful, password less authentication using military-grade TLS Client authentication.

Khatim PKI Server allows quick revocation of existing digital certificates. Configure your CA to issue CRLs at recurring time frames avoiding the hassle of manual CRL issuance.

Khatim PKI server supports diverse cryptographic requirements such as:

Admins can monitor their PKI servers in real-time, and filter data based on CA policies, templates, success/failure, signing algorithm, and more. Khatim PKI server also creates daily summary reports along similar data points providing administrator a snapshot of what types of certificates were generated during the day, any failures and alerts.

Khatim PKI Server saves all incoming transactions and configurations for thorough analysis. Administrators can easily download and review request/responses in real-time for investigation. All updates made to the system by operators is also recorded providing a reliable audit trail.

Have multiple CAs or PKIs? A single deployment of Khatim PKI Server can handle multiple Certification Authorities, online/offline CAs making it easy to handle from a single portal.

Khatim PKI Server sends proactive notifications to administrators in case of server malfunction. All issues are recorded for traceability and can also be securely pushed to your central logging systems such:

Khatim PKI Server lets you issue digital certificate for all the purposes required to ensure a trusted infrastructure such as:

Upgrade to Khatim PKI Server for your existing Root CA or Sub CA keys/certificates. Say goodbye to legacy CA servers effortlessly and adopt the new way of managing keys and certificates with more control and insights.

PKI Admins can either manually issue X.509 digital certificates based on PKCS#10/CSR or allow business applications to request for client-end certificate via Restful interfaces. Keep your business applications in charge of creating, deleting or revoking digital certificates. Integrate with Khatim RA Server to support more protocols like:

Khatim PKI Server seamlessly issues digital certificates to IoT devices, allowing them to securely authenticate themselves and communicate with other devices and systems.