Entrust to EJBCA Migration

Project Description

Unsung partnered with the Head of Trust Services within a large public sector organisation to execute the re-platforming of 20 Root Certificate Authorities from an end-of-life vendor platform (Entrust) to a modern, strategically aligned platform (EJBCA). This migration represented a critical infrastructure modernisation initiative driven by evolving technical requirements that the legacy platform could no longer adequately support.

The migration was necessitated by emerging organisational requirements for automated certificate enrolment capabilities via industry-standard SCEP and ACME interfaces. These automation protocols were essential to support modern DevOps workflows, CI/CD pipelines, and autoscaling compute infrastructure that formed the foundation of the organisation's cloud transformation strategy.

Outcomes & Deliverables

Unsung successfully delivered a complex platform migration that achieved all client objectives whilst maintaining seamless business operations:

• Successfully migrated all 20 Entrust Root Certificate Authorities to the EJBCA platform with zero operational impact to business services.

• Achieved a substantial reduction in business-as-usual operational costs and licensing expenditure through platform consolidation.

• Delivered comprehensive governance documentation aligned to the client's assurance frameworks and regulatory compliance requirements.

Challenges

The engagement presented several significant technical challenges that required deep PKI expertise and innovative problem-solving to overcome successfully.

The migration constituted a technically complex process that the vendor deemed unfeasible. Developing a repeatable, reliable migration methodology in the absence of vendor guidance required Unsung's consultants to leverage a deep understanding of certificate authority architecture and cryptographic operations.

Ensuring precise certificate structure parity between the legacy and target platforms was critical to maintain seamless trust chain validation by downstream consuming systems. Unsung successfully addressed these challenges through rigorous project structure and robust delivery governance frameworks.

Technologies Used

Entrust (Certificate Authority), Thales Luna 7 (Hardware Security Module), Keyfactor EJBCA
