certPush

certEP | certLife |  certACME | certPushcertBox | certMode

certPush – Mobile S/MIME certificates

Secardeo certPush is a key recovery and distribution service for user keys from a central key archive. With this the private keys of  S/MIME certificates can be pushed to the mobile devices of a user.

Secardeo certPush is an extension for certEP or a Microsoft CA. With certPush, X.509 user certificates and PKI private keys can be simply recovered using standard Microsoft key recovery mechanisms and securely distributed to all devices of a user in a protected PFX (.P12) container. Certificate distribution can be done automatically via secure e-mail, e.g. for unmanaged devices, or via MDM system for managed devices. The user certificates or S/MIME certificates may stem from an internal Microsoft CA or a public CA like SwissSign or QuoVadis using certEP. A user can for example then encrypt and decrypt his e-mails on his smartphone.

certPush supports the recovery of single private keys and batch recoveries of private keys of multiple users. Secardeo certPush can either recover only the current certificate and private key of a user or the whole key history into a .P12 container. certPush enables the automated user certificate distribution  to mobile devices in an enterprise running iOS, Android or Windows Phone.

certPush benefits

  • Support for managed & unmanaged devices
  • Manual or automatic push
  • Push by e-mail
  • Push through MDM
  • From a Microsoft CA or
  • From any CA via certEP

certPush features

  • Support of Microsoft CA (ADCS) and Secardeo TOPKI
  • Reliable recovery process based on Key Recovery Agent certificates
  • Recovery and distribution of single private keys
  • Batch recovery and distribution of private keys for multiple users
  • Recovery of current certificate and private key of a user or the whole key history
  • Encrypted distribution to managed and unmanaged devices via e-mail push
  • Secure distribution to managed devices by MDM upload
  • Automatic key distribution based on an Active Directory group or a list of e-mail addresses
  • Periodic background distribution (certPush service)