Keyfactor EJBCA® Reviews & Product Details

Keyfactor EJBCA SaaS excels in ease of use and implementation, making the process of certificate signing straightforward and efficient within our organisation. The platform offers a robust set of features that cater to various certificate management needs, and its integration capabilities are seamless, which is particularly beneficial for maintaining smooth operations across different systems. Additionally, the customer support has been responsive and helpful, ensuring that any issues are promptly addressed. Review collected by and hosted on G2.com.

Despite its strengths, there are a few areas where Keyfactor EJBCA could improve. Occasionally, the number of features can be overwhelming, especially for users who are new to the platform, potentially impacting ease of use. While customer support is generally good, there are times when more specialised assistance might be needed for complex issues. These aspects could benefit from refinement to enhance the overall user experience. Review collected by and hosted on G2.com.

I really like the simplicity of Keyfactor EJBCA®. It is very easy to understand, manage, and configure. There is a large amount of manuals available to set up the service, whether with a container or directly from the source code, and it was quite easy for us to modify the code without any problem. Review collected by and hosted on G2.com.

The most complicated issue that is causing us some friction now would be the disconnection with the HSM services. I understand it's due to the type of library, the PKCS11, used for this type of connection, but it's what could cause us some trouble at the moment. We need to be vigilant; if the connection drops, reestablish it and restart WildFly if we have a token disconnection. Review collected by and hosted on G2.com.

Keyfactor EJBCA is built with a comprehensive REST API. This is crucial for a PKI management tool like Keyfactor Command, as it allows for programmatic and automated lifecycle management of certificates. Instead of manual certificate requests, the API enables Keyfactor Command to enroll, renew, and revoke certificates on a massive scale, which is the entire purpose of a streamlined PKI management system. Review collected by and hosted on G2.com.

The platform is incredibly powerful, but the sheer number of features and the complex UI make it feel like a tool for PKI experts, not for general IT administrators. A smoother onboarding process or more intuitive UI similar to keyfactor command for handling common tasks would be a massive improvement Review collected by and hosted on G2.com.

Facility to set a cluster, event for remote location. it's a game changing for setting a DR site.

The constant improvement in feature like integrating PQC algorithm

There is an great effort to make EJBCA easy to implement and easy to use. Easy to integrate with a bunch of API technologies Review collected by and hosted on G2.com.

The log visualisation is too poor, you need to have an additionnal tool for that. Review collected by and hosted on G2.com.

Deployment of the hardware and software appliances process is straight forward, same with the regular update process.

Deployment of trust chain process is easy enough.

REST APIs are available, integration with Microsoft world is possible.

It seems ACME, EST, CMP protocols are available as well, however we have not tested them yet. Review collected by and hosted on G2.com.

Replacement of hardware seems to happen more often than desired, i would expect to keep a hardware until its end of life however we are forced now after less than 2 years after purchasing the appliances, to migrate to different hardware.

It was a bit difficult to comprehend the concepts of Certificate and End Entity profiles and why they are split into two separate configuration.

OCSP configuration is cumbersome, OCSP signer certificates are not being renewed automatically.

Trainings and troubleshooting information is not much available.

Reporting could be improved, it only allows 500 certificates to be listed.

Does not allow permissions to be configured on profiles. Review collected by and hosted on G2.com.

"What I like best about Keyfactor EJBCA is its reliability and flexibility. It fully meets our security and compliance requirements, and over the years it has consistently proven to be a stable and dependable solution. In addition, the support team has always provided prompt and precise feedback whenever needed." Review collected by and hosted on G2.com.

"Overall, there is not much to dislike about Keyfactor EJBCA. The documentation could be even more comprehensive in some advanced areas, but the support team has always been very responsive and helpful in clarifying any doubts." Review collected by and hosted on G2.com.

The rich set of features which can handle many use cases.

Support of many standard PKI protocols like CMP, EST, SCEP, OCSP, ACME, etc. which allow integration with other solutions.

Customer support is working well and most of tickets were solved with satisfaction.

SaaS solution works without major outages for more than a year. Review collected by and hosted on G2.com.

It has very complex UI with user-unfriendly and inconsistent components. Software lacks good UX assessment. On the other side it provides many useful configuration options which increases a complexity as a side effect. Review collected by and hosted on G2.com.

EJBCA offers a wealth of capabilities, enabling virtually all workflows for enrolling, managing, and distributing certificates. EJBCA often implements leading-edge features ahead of other PKI toolkits, enabling early access to capabilities. Review collected by and hosted on G2.com.

Implementing EJBCA is challenging, when using the straightforward software distribution methods. I know this can be remedied when using virtual appliances on either a virtualization platform or containers platform. Review collected by and hosted on G2.com.

We like the eIDAS and ETSI standards compatibility support.

It is mature open source stack - well established CA engine with strong community and commercial backing (through Keyfactor).

Multi-tenant and role-ased access, API coverage (REST) Review collected by and hosted on G2.com.

Some doumentation gaps for edge/custom scenarious can be noticed. Limited built-in monitoring: out-of-the-box monitoring for ETSI-aligned audit events, certificate statistics, and compliance reporting is limited. Review collected by and hosted on G2.com.

Being able to kill off our onprem CAs and use your hosted solution takes a huge load off of our team. As a member of the security team I love that it's one less thing we have to worry about. Also, the ease of deploying and replacing certificates ensures we're never in a spot where a cert is going to expire and nobody knows where to go or what to do. A true lifesaver. Review collected by and hosted on G2.com.

Honestly nothing, it truly hits all of the marks. Maybe have better docs? They are already pretty good though 😂 Review collected by and hosted on G2.com.