Please Fill Out Form

to Request Document

Required Fields*

Robust and Applicable Technology

The Manufacturer-Class Certificate Authority Server’s functionality fully encompasses a wide-range of potential use cases including POS key management, generating Public Key Infrastructure (PKI) certificates, and injecting asymmetric key pairs for encryption. Users benefit from the compatibility with all major key types and protocols. Better yet, the Manufacturer-Class Certificate Authority Server evolves alongside the rapidly growing cybersecurity industry, giving your organization the long-term edge to generate asymmetric key pairs, inject private keys into devices for PKI, and store and manage large quantities of keys.

The Manufacturer-Class Certificate Authority Server presides over all PKI-related duties in an intuitive manner, supplying users with the ability to produce encrypted communication by managing certificate trees, Certificate Revocation Lists (CRLs), private keys, signing requests, and more.

Extensive Key Lifecycle Management

Overseeing the use of encryption keys with a single vendor solution can introduce greater convenience and efficiencies to a cryptographic infrastructure. Using the Manufacturer-Class Certificate Authority Server, organizations can streamline key and certificate management. From generation to revocation, the Manufacturer-Class Certificate Authority Server leverages the ability for users to oversee every aspect of keys and certificates from a single device. 

Security from Every Angle

In addition to providing logical security in the form of dual logins, separated user roles, and customizable permissions, the Manufacturer-Class Certificate Authority Server offers robust physical security to ensure data is never accessible to unauthorized individuals. As a FIPS 140-2 Level 3-validated, Secure Cryptographic Device (SCD), the Manufacturer-Class Certificate Authority Server prevents physical threats on multiple levels. The steel chassis and rack mount locks are particularly difficult to bypass. Should any physical tamper signs become present, the Manufacturer-Class Certificate Authority Server can automatically erase proprietary information upon noticing the access attempt.

Integration Made Simple

The Manufacturer-Class Certificate Authority Server can easily fit into the existing infrastructures of enterprise-level manufacturers or organizations requiring large-scale cryptographic operations. Futurex’s custom development initiatives can provide your organization with the additional resources or technology that may be required. Futurex’s professional services can assist with any additional project requirements, from on-site installation to employee training.

Versatile Functionality

  • Supports all common key types and protocols, including DES, Triple DES, DUKPT, X.509 v3, AES, RSA, and EMVCo
  • X9.17, AKB, and TR-31 (including custom optional fields) key block formats are available for use
  • Supports mutual authentication under a trusted root certificate to establish a trusted Public Key Infrastructure (PKI)
  • Injects asymmetric private keys into devices to be used for PKI
  • Signs devices, software code, individual or bulk files, SSL connections, and more
  • Capable of generating and storing millions of signatures, keys, and self-signed root certificates

Secure File and Device Signing

  • Files can be signed using numerous cryptographic algorithms such as SHA-1, SHA-2, and more
  • Users can expand .tar files, sign archived files, and then recompress the archive with the signature of the chosen files
  • Inject private keys into electronic devices during the manufacturing process
  • Deploy object signing to provide confirmation that files have not been altered or accessed while in transit


  • Compliant with emerging and current compliance standards such as FIPS 140-2 Level 3, EMVCo, PCI DSS, ANS X9.24 - Part 1 and Part 2, RoHS, and FCC Class B - Part 15
  • Automatically transmit data logs to a remote syslog server for internal and external audits
  • Digitally signed log files to ensure data integrity is maintained

Ease of Use

  • Fully functional graphical user interface (GUI) with no command line tasks required for initial setup, regular auditing, firmware upgrades, or maintenance
  • Simple installation and management procedures
  • Automated, network-based backups, providing peace of mind and fulfillment of best practices


  • 2U hardened steel interlocking rack mounted case
  • Difficult-to-replicate, unique face plate bezel locks to secure the server with the rack
  • Secure cryptographic device (SCD) with epoxy barrier to protect sensitive data
  • Multi-user grouping for enforcing the principle of least privilege

Dimensions and Weight

  • Weight: 40.5 lbs (18.4 kg)
  • Width: 19 inches (48.3 cm)
  • Height: 2U - 3.47 inches (8.81 cm)
  • Depth: 22.3 inches (56.7 cm)

Industry Compliance Standards Met

  • FIPS 140-2 Level 3
  • EMVCo
  • ANS X9.24 - Part 1 and Part 2
  • RoHS
  • FCC Class B - Part 15
  • Applicable future compliance mandates

EMV Certificate Management

  • All major card brands supported
  • Supports issuer self-signed certificate creation and export
  • Creates ICC certificates according to EMVCo specifications

Manufacturer-Class Certificate Authority Server Unit Includes

  • Application and documentation CDs
  • Rack installation kit
  • Two sets of two SCD barrel keys
  • Four smart cards
  • Cables

Operating Conditions

  • Power requirements: 100 - 240 VAC 50/60 Hz. 225 Watts
  • Operating temperature: 50° to 95°F (10° to 35°C)
  • Storage temperature: 41° to 149°F (5° to 65°C)
  • Operating relative humidity: 20% to 80% non-condensing
  • Storage relative humidity: 5% to 95% non-condensing


  • Dual control-enabled, tamper-responsive and evident design
  • Smart card reader for M-of-N key fragmentation and dual-factor authentication
  • Dual, redundant gigabit Ethernet ports
  • Dual, redundant, hot-swappable power supplies
  • Automated, internal RAID-based backup of object management application and databases

Supported Key Types and Protocols

  • DES
  • Triple DES
  • X.509 v3
  • AES
  • RSA
  • EMVCo
  • KMIP