CertAccord Enterprise


CertAccord© Enterprise Automates Your PKI

Extend certificate enrollment and automatic renewal across your entire network to Linux/Mac

CertAccord Enterprise bridges your existing Microsoft Public Key Infrastructure (PKI) Certificate Authority with Linux, Mac, and Windows end-points. It extends Microsoft ADCS to provide automatic X.509 certificate enrollment, automatic certificate renewal, and distribution of CA trust to Linux and Mac. It brings capabilities similar to the "auto-enrollment" functions built into Microsoft Windows to all the major enterprise platforms without having to replace your existing PKI.

Microsoft Certificates on Linux & Mac

Fully automated X.509 certificate creation and renewal on Linux & Mac systems from Microsoft ADCS

Eliminate Manual Certificates

Automate creation and renewal of certificates on Linux & Mac with Certificate Enterprise

Quick Installation

Bolt-on to your existing Microsoft PKI. Install Certificate Enterprise in hours without any major AD/PKI changes.

CertAccord integrates certificates with any application using the CertAccord Certificate Appliers API. This simple script-based API allows you to deploy certificates at scale by eliminating the manual processes associated with configuring an application to use a certificate.

CertAccord automatically maintains certificates, keys, and CA trust certificates in JKS and PKCS12 files so you don't need to manually export/import certificates when a certificate is provisioned for the first-time or renewed.

CertAccord eliminates the manual process of requesting, installing, and renewing certificates which provides you with reduced IT labor costs, reduced errors, elimination of missed renewals and improved security through consistent policy implementation.

Key Features

  • Automates certificate creation and application integration
  • Automates certificate renewal > no manual processes
  • Mirrors Windows auto-enrollment features on Linux/Mac
  • Automatically push/enroll certificates to Linux/Mac from Microsoft ADCS
  • Request certificates via simple command line on end-nodes without being a PKI genius
  • Easily installs as bolt-on to existing Microsoft ADCS environments in minutes
  • Web based Management Console provides central point of management

Create Certificates without PKI expertise

Certificates can be automatically enrolled (pushed) to registered end-points from the CertAccord Enterprise Management Console. Alternatively the computer administrator of an end-node can request a certificate using a simple command line interface (CLI) without knowing how to create a keypair, generate a certificate request or know how to translate difficult to understand enrollment templates, formats and attribute requirements.

Extend existing PKI across entire network

Quickly and easily integrates with Microsoft Active Directory Certificate Services (ADCS) and GlobalSign based PKI Certificate Authorities. Almost no changes are needed in Active Directory to support CertAccord Enterprise. The CertAccord server is easy to install (takes about 30 minutes) and the Agent software is even easier (takes 1-2 minutes to install).

Major public/hosted Certificate Authority providers like GlobalSign are supported. You can have use GlobalSign exclusively for Certificates or you can simultaneously support both GlobalSign and Microsoft ADCS.

Supported Solutions

  • Linux, Mac, and Unix (Solaris) from Microsoft ADCS Certificate Authority
  • Java apps on Windows, Linux, Mac that require certificates in JKS/PKCS12
  • Windows systems not AD domain joined or in different domain than ADCS
  • View supported platforms