We were engaged to replace an issuing CA Certificate and re-issue all 15,000 end entity certificates across the enterprise with no business or operational impact.​

It was identified that the technology stack supporting the existing Issuing CA had reached end-of-life. As a result, a new hosting platform was established to support a replacement Issuing CA. Unsung analysed a representative subset of CSRs submitted over the previous 12 months to validate certificate issuance and collaborated with the customer to define a risk- based migration strategy. Business communications and additional support resources were mobilised throughout the migration period to promptly address incidents and ensure continuity for service consumers.​

A range of nuanced certificate requirements were identified across the various end entity consumers of the service, each of which required thorough identification, testing, and validation prior to migration. Delays in decision-making by the customer, combined with a fixed certificate expiry deadline, necessitated the implementation of several tactical measures to maintain operational continuity.​

KeyFactor EJBCA, Thales Key Protection, VMWare, Dell, Cisco ​