Keyfactor Announces PQC Capabilities in EJBCA and SignServer Community Editions at KubeCon London

EJBCA and SignServer Among the First Open-Source PKI and Signing Solutions to Support Latest PQC Algorithms from NIST

Keyfactor, the industry leader in digital trust for modern enterprises, today announced updates to EJBCA 9.1 and SignServer 7.1 Community Editions, which now include capabilities that support all NIST-standardized post-quantum cryptography (PQC) algorithms. With these updates, Keyfactor is making its PQC-capable solutions available for testing among engineers, developers, and partners, accelerating quantum readiness by making quantum-safe public key infrastructure (PKI) and signing more accessible than ever.

As organizations prepare for a quantum-resilient future, early testing of PQC is crucial to mitigate risks and avoid last-minute security overhauls. The latest releases allow developers and engineers to start trialling PQC with their PKI and digital signing workflows as they take the first steps towards PQC-readiness. This is an essential step to ensure a smooth transition before NIST’s 2030 and 2035 deadlines, in which legacy encryption algorithms will be officially deprecated and then disallowed. Specifically, the Community Editions of both EJBCA 9.1 and SignServer 7.1 support NIST-approved quantum-safe algorithms ML-DSA, SLH-DSA, and ML-KEM, the first completed standards from NIST’s PQC standardization project.

As one of the world’s leading PKIs, EJBCA offers robustness and scalability, while SignServer provides signature format flexibility and supports many signing projects in one instance. Whether a user is trialing a signing strategy or evaluating solutions for future enterprise use, these editions provide an open and flexible way to bolster next-generation security.

“Open source has an important role to play in the PQC transition,” said Malin Ridelius, Head of Community and Developer Relations at Keyfactor. “No single vendor or organization will be leading this change alone. Our success as an industry hinges on shared test vectors, open implementations, and real-world deployments that will help refine algorithm usage and provide widely available solutions. Keyfactor is proud to support open collaboration, helping to drive innovation and deliver relevant, impactful security solutions.”

Keyfactor will be at KubeCon in London to showcase how EJBCA and SignServer enable crypto-agility through secure workload identities, service meshes, software supply chains, and IoT deployments in a post-quantum world. Keyfactor’s Chief PKI Officer, Tomas Gustavsson, alongside experts from IBM, CERN, and Broadcom, will also present a session that explores the disruptive impact of quantum computing on Kubernetes, covering quantum workload orchestration, infrastructure redesign for NIST’s quantum-safe standards, and the role of quantum machine learning in AI. The session, “Quantum-Ready Kubernetes: How Do We Get There?”, will take place on April 4 at 11:00 a.m. BST.

“The transition to PQC is one of the most significant cryptographic shifts in history, impacting critical infrastructure, businesses, and security at large,” according to Gustavsson. “The time for organizations to start their transition journeys is now. As we will discuss at KubeCon, no one is standing still in the advancement of quantum technology and the applications designed to break RSA encryption. Solutions like EJBCA and SignServer play a critical role in helping organizations take action.”

The enterprise versions of these solutions, EJBCA Enterprise and SignServer Enterprise, are already widely trusted and deployed by organizations taking assured action on their PQC strategies. Backed by HSM integration, advanced security and scalability, deployment flexibility, and full delivery and support services, Keyfactor’s enterprise solutions provide the foundation needed to seamlessly transition to quantum-safe cryptography while ensuring compliance and operational continuity.

SignServer 7.1 will be available April 28, 2025 and EJBCA 9.1 is available now. To learn more about EJBCA and SignServer, please visit: https://www.ejbca.org/about/ and https://www.signserver.org/about/. For KubeCon attendees looking to future-proof their security strategies, please visit booth N725 for live demos and insights from Keyfactor experts.

About Keyfactor

Keyfactor brings digital trust to the hyper-connected world with identity-first security for every machine and human. By simplifying PKI, automating certificate lifecycle management, and securing every device, workload, and thing, Keyfactor helps organizations move fast to establish digital trust at scale — and then maintain it. In a zero-trust world, every machine needs an identity and every identity must be managed. For more, visit keyfactor.com or follow @keyfactor.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250401424813/en/

Open source has an important role to play in the PQC transition. No single vendor or organization will be leading this change alone.