The analysis of the existing PKI infrastructures of a Swiss insurance company concluded that the existing environments does not meet current and future needs and therefore imply significant risks.

One of the major risks are expiring certificates which led to a shutdown of services and required a lot of time for root cause analysis. The certificate life cycle management is one of the key requirements for the new solution and became a central function in the PKI target architecture.

It should act as a proxy to forward certificate requests to internal and external (e.g. for qualified electronic certificates, document signing, e-mail encryption) CA components.

Another important requirement was the automatic creation of tickets for expiring certificates and the automatic renewal of expiring certificates.

Finally the availability of interfaces to use certificate management functions for various third party systems, like Active Directory, Linux systems, applications and services.

The SwissPKI^TM Solution covers all requirements out of the box and provides several templates to easy setup automatically ticket renewal or open tickets with ticketing systems of various suppliers. The SwissPKI^TM OpenAPI provides full management of certificate life cycle management to third party applications.