The Secardeo certBox is a PKI directory server (certificate server) that serves for two tasks:
By this, the certBox enables global PKI based end-to-end encryption. It solves one of the major challenges of user PKIs today, where users have to exchange their email encryption certificates manually. With the Secardeo certBox a user can now seamlessly exchange encrypted e-mails using Outlook or other standard applications with any external recipient. This can be extended also for mobile users using certMode.
The outstanding advantages of using the certBox are:
In order to encrypt for your internal employees, external partners require your public certificates. Providing an external access to internal directory services like Active Directory via LDAP buries unacceptable risks for an enterprise. The Secardeo certBox enables the secure access to the enterprise’s encryption certificates. This can be achieved in the operational mode as a secure LDAP proxy or as an external public key directory (certificate repository, keyserver). Searching for X.509 certificates can be done automatically with standard e-mail clients using LDAP. Users may also download certificates manually by protected web forms. Address harvesting attacks will be defeated efficiently and internal directory structures remain hidden. The certBox may also be used for publishing certificate revocation lists for HTTP or LDAP CRL download. The certificates being published by the certBox may be synchronized automatically with Active Directory via LDAP.
Searching for external digital certificates by Outlook and other client applications is done automatically via LDAP. A user can also download certificates manually via HTML browser. The certBox provides a high grade of PKI interoperability by its integrated PKI directory database. With it, millions of user encryption certificates can be found by the certificate broker. Partners who do not provide an own LDAP directory may upload their certificates to your certBox. End-to-end encryption is even possible for recipients who do not have an X.509 certificate using ad-hoc certificates by certBox ICE.
Transparent S/MIME encryption is now possible with:
Integration of the certBox into existing networks (DMZ) is flexible and its administration is easily done via web browser.
You can use the certBox functions by your preferred deployment variant:
Secardeo certSync is a synchronization service for Active Directory user certificates, certificate revocation lists (CRL) and certificate trust lists (CTL). It supports manual or automatic synchronization of these data between Windows Active Directory (AD) and a Secardeo certBox PKI directory server.
The following features are supported
You can explore the certBox features on www.certbox.org!