Implementing a secure PKI architecture with EJBCA CE

[hackermann33]

Hi, we're two students from Italy that we're working on our Master degree thesis on EJBCA CE. We would like to implement a secure infrastructure similar to the one proposed in the documentation called CA with distributed RAs and/or VAs but using EJBCA Community Edition. Is it possible to implement it, in some other way, without using the enhanced features of the Enterprise Edition?

[primetomas]

You can develop your own RAs that communicate with the CA using for example WS or REST API.
For distributed VAs, you can always do alot using database technology, while it is of course much simpler and robust with the EE features.

[hackermann33]

Is it possible to have a EJBCA-EE license for student?

[primetomas]

I don't think it's easy to get through administration, it will be a lot of paperwork. The absolutely easiest way to try EJBCA EE is to use the free trials on AWS. It's 30 days to play around, you could probably ask for an extension of the period.

https://aws.amazon.com/marketplace/pp/prodview-u2xdo5mkuilke?ref=portal_asin_url
https://aws.amazon.com/marketplace/pp/prodview-dbollgd7fq4gy?ref=portal_asin_url