EZCA allows you to run and scale your own highly available private CA service without the upfront investment and ongoing maintenance costs of operating a private CA or private CA hierarchy. Whether you are creating a new private PKI hierarchy or chaining up to your existing Root CA, EZCA will help you create a secure and cloud-scale Azure based Certificate Authority that meets and exceeds industry standards
One of the main reasons many Azure customers (from fortune 500 companies to small startups) chose EZCA as their Azure Certificate Authority is because of our native integrations with Azure services, making it easy for you to create your PKIaaS in Azure and set it and forget it, EZCA will then take care of all the certificate management operations. EZCA gained popularity in the IoT space due to our amazing guides that take you through the whole process of creating certificates for Azure IoT from IoT best practices to step by step guides of using certificate authentication in Azure IoT hub as well as our easy to use API's and NuGet package making IoT certificate issuance and management as easy as possible.
The first step on getting started with EZCA, is creating your PKI subscription in Azure. With our Azure marketplace listing, you can create your CA in minutes and start issuing SSL certificates for your IoT devices in minutes.
When creating an IoT application, you don't want to waste time managing a secure and scalable Certificate Authority, this is why we have created our one-click integration with Azure IoT. This integration, allows you to create a certificate authority and connect it to your Azure IoT Hub in minutes, allowing you to spend your time where it matters: creating an amazing IoT devices for your customers. To make it easier for you to get up and running with secure IoT devices we have also created a guide on IoT identity security best practices.
To help have your devices secure and ready as fast as possible, we have created Azure IoT Authentication code samples that enable you to have a working prototype in days instead of months. These code samples follow best practices for issuing SSL certificates for IoT devices, automatically provisioning IoT devices in Azure IoT Hub, Azure IoT hub certificate authentication, and even how to set automatic renewal of your IoT device certificates.
When reading about creating your own certificate authority for IoT you probably saw that legacy certificate authorities such as Active Directory Certificate Services (ADCS) cannot scale to meet the scale of your IoT deployment. EZCA was developed as the first Azure Native Certificate Authority meaning we leverage the scale of the cloud to meet the most demanding scaling requirements.
EZCA was designed to protect the most critical workloads, to do this our CA was design to meet and exceed your security requirements. From Geo-location requirements with our EU EZCA Instance, to our dedicated instances, bring your own HSM, bring your own infrastructure, to even how we secure our infrastructure EZCA will help you meet and exceed your security requirements without all the overhead of managing your own Certificate Authority infrastructure.
While EZCA offers many automatic certificate issuance protocols such as SCEP and ACME (Automated Certificate Management Environment) one of the most used features by developers is our one-click Azure Key Vault certificate creation and management integration. This integration enables users to securely create and manage certificates for their IoT services following Azure best practices with an HSM (Hardware Security Module) backed Azure Key Vault. This integration fully automates certificate issuance in Azure.
With the exponential growth of cloud services, the identities that protect those services have also exponentially grown, making it impossible for humans to securely manage the identities for those cloud services. To help organizations automate their certificate rotation we are proud to say EZCA is the only PKIaaS that offers automatic AAD (Azure Active Directory) Application Certificate Rotation.
As a Microsoft Security partner, we could not create an Azure based PKI without sending all alerts and logs to Azure Sentinel. All Keytos tools send all security logs to Azure Sentinel allowing you to have a single pane of glass where your SOC team can monitor your infrastructure and detect anomalies.