Unsung has partnered with Keyfactor for over five years, developing substantial expertise across their certificate lifecycle management and PKI platform portfolio. As a Value-Added Solutions Provider, we design, implement, integrate, and support Keyfactor technologies for UK government and enterprise customers.

This long-standing relationship enables us to help organisations address common PKI challenges including certificate visibility gaps, manual renewal processes that cannot scale, and the operational burden of managing certificates across hybrid and cloud environments. We have delivered successful Keyfactor projects into UK Central Government and enterprise customers, providing us with practical experience that benefits every new engagement.

Our consultants take a vendor-neutral approach, advising clients on whether Keyfactor solutions represent the right fit for their specific requirements before committing to implementation.

‍

Keyfactor provides software and cloud services for managing digital certificates and machine identities. The portfolio addresses PKI platform requirements, certificate lifecycle automation, and code signing.

Keyfactor Command is a certificate lifecycle automation platform that provides centralised discovery, inventory, management, and automation of X.509 certificates and keys across on-premises, cloud, DevOps, and IoT environments. The platform supports multi-CA environments, including both internal and public certificate authorities, with workflows, alerts, reporting, and integrations to automate issuance, renewal, and policy enforcement. For organisations struggling with certificate expiry incidents or lacking visibility of their certificate estate, Command addresses these operational challenges directly.

EJBCA Enterprise is a full-featured, highly scalable certificate authority and registration authority platform for building enterprise or IoT PKI. Based on PrimeKey technology acquired by Keyfactor, it can be deployed on-premises or in cloud environments and supports large-scale IoT deployments requiring certificate issuance for devices and services.

Keyfactor Command for IoT provides end-to-end IoT identity and device security, embedding certificate-based identities into devices from manufacturing through end-of-life. The platform integrates with EJBCA Enterprise and major cloud IoT platforms including Azure IoT Hub.

Keyfactor Signum is a cloud-based code signing platform that centralises and protects signing keys in HSM-backed services whilst enforcing policy and integrating into CI/CD and developer toolchains. It supports popular signing tools including SignTool, Jarsigner, Cosign, OpenSSL, and Jenkins.

Enterprise Code Signing provides on-premises code signing for firmware, software, containers, and other artefacts, using HSMs to generate and store signing keys with strong access control.

SignServer Enterprise is a central signing service for high-volume, automated signing of code, documents, and other data. Originating from PrimeKey technology, it offers support for multiple signing formats with policy control and automation for enterprise signing workflows.

PKI as a Service delivers fully managed PKI combined with certificate lifecycle automation as a cloud service, targeting organisations that require turnkey PKI operations without running their own CA infrastructure.