TOPKI | End-to-end encryption | Windows PKI

TOPKI – Certificate management & distribution platform

Digital certificates offer a high degree of security for encryption, strong authentication and digital signatures. In an enterprise PKI you need appropriate services for certificate management and key management. Secardeo TOPKI (Trusted Open PKI) is a PKI system platform for automated key distribution of X.509 certificates and private keys to all users and devices where they are required. For this, TOPKI provides components that serve for specific certificate lifecycle management tasks.


The PKI software components of the TOPKI platform can be integrated with other PKI systems, Active Directory or Mobile Device Management systems. TOPKI enables a seamless adoption of managed PKI services. By this you can automatically request certificates from trusted public CAs in the cloud. Or you can use open source CAs, for example to auto-enroll internal computer certificates. The TOPKI PKI products can also enhance your existing Microsoft PKI.

TOPKI provides the following components:

  • certBox is a Certificate Directory Server for securely publishing internal certificates and automatically finding external certificates in the PKI cloud.
  • certEP Certificate Enrollment Proxy for Non-Microsoft CAs on-premise or in the Cloud.
  • certMode connects mobile devices that run ActiveSync with a Certificate Directory Server like certBox.
  • certLife is a software for the management of digital certificates and supports several key pair generation models.
  • certPush distributes private keys of a user that have been enrolled through certEP or by Windows AD Certificate Services securely to his mobile devices.
  • certRevoke automatically submits revocation requests to a CA via certEP or directly to ADCS in case that an AD object has been removed or changed.
  • certSync synchronises certificates between an internal (active) directory and a certificate directory server like certBox.

All components of the TOPKI platform are integrated smoothly but they may also be integrated with other products. TOPKI is an „open“ PKI platform for the integration of arbitrary internal or external CAs, directory servers or MDM systems. Many PKI use cases can be deployed with it.

The TOPKI services can be operated on premises in your IT infrastructure or they can be provided as PKI SaaS cloud services. You can subscribe for the TOPKI services in combination with a managed PKI (MPKI) service of a public trust center like SwissSign or QuoVadis.