u.trust Identify
Reliable proof of existence and status of documents and electronic records at a specific point in time

u.trust Identify

u.trust Identify – Device identity lifecycle management- generation, renewal and revoking of digital certificates for secure authentication of users, applications and connected devices

CryptoServer SDK
  • Improving the route to secure identity- cryptographic techniques enabling strong encryption and qualified identity validation
  • Providing an identity for everything- from medical devices to remote treatment (eHealth) to wearable devices, connected homes and across to manufacturing and IoTroviding each user, application or device with a ‘trusted’ identity
  • Ensuring a continuous chain of trust- providing device security, authentication, access control and data privacy throughout device operation
  • Operated within a PKI infrastructure, ensuring confidentiality, authenticity and non-repudiation of sensitive information
  • Transport Layer Security (TLS) is used to encrypt and secure communications in order to secure ecosystems
  • Encrypt and sign all digital communications, protecting confidential information from unauthorized access
  • A flexible, cloud-based service for a diverse range of PKI IoT & IIoT use cases
Key Benefits

Key Benefits


Certificate Management System

Deploy and operate a trusted PKI with optional support for Active Directory Certificate Services (ADCS) management. Scalable in order to handle high volumes.


Certificate Authority

Scalable CA infrastructure with support for multiple virtual CA’s, built-in HSM and multi-protocol support.


OCSP Proxy and Responder

Multi-OCSP responder architecture with a single point of access and automatic traffic proxying. Routing traffic to the correct OCSP has never been easier!



u.trust Identify – The flexible and scalable PKI solution for IoT certificate management

u.trust Identify is UTIMACO’s flexible and scalable managed PKI solution enabling businesses and governments to deploy and operate a trusted Public Key Infrastructure (PKI) that meets  specific requirements. The solution has been designed to  make daily operations such as generation, renewal, and revocation of digital certificates straightforward whilst also actively supporting all customization and automization requirements.  
u.trust Identify is a ready-to use PKI solution that includes all features of a sophisticated PKI: Certificate Authority (CA), Certificate Management Systems (CMS) which also acts as a Registration Authority (RA), Online Certificate Status Protocol (OCSP) Responder and Proxy, as well as support for Microsoft Active Directory (AD) and Active Directory Certificate Service (ADCS) integration. The modular design allows customization of setup and allows the user to take advantage of Utimaco’s included Professional Service offering. Customization, automization, management and multi-tenant setups are easily achieved with u.trust Identify.

The CMS comes with integrated separation of duties and the comprehensive role and permission management making multi-tenant setups extremely straightforward – even the most complicated multi-domain setups with Active Directory are possible. u.trust Identify also offers intuitive and comprehensive Web-UI with 2FA and granular access rights management.

CA is highly customizable and provides support for various, freely configurable certificate profiles.

Utimaco’s solution is available at a flat-rate price or as a subscription-based licensing model and comes with multiple deployment options, such as Docker containers, RPMs or VMs.

u.trust Identify is a reliable and flexible enterprise PKI solution that will meet IoT certificate management requirements. u.trust Identify is a trusted, well-proven PKI market solution  even the most complicated deployments and integrations.
Flexibility, scalability, and customizability are the key pillars of Utimaco’s system architecture. Please reach out to us to schedule a demo!

Available in multiple licensing options

  • Perpetual and subscription- based
  • Pick & Choose-Model    

Multi-tenant capability

  • Support for multiple tenants, virtual CAs and OCSP proxying
  • Multi-tenant and multi-CA support    

Highly customizable

  • Automization via scripting and APIs
  • Module customization through Utimaco’s Professional Service & Support
  • Intuitive User Interface (UI)

Easy centralized administration and management

  • Easy to operate via WebUI, shell and scripts
  • Built-in role management with separation of duties. Optional AD integration is available
  • Fine grained role and permission management providing
  • Certificate profile and expiry management    

Seamless integration

  • Built-in HSM support
  • Support for different certificate formats (X.509, CVC (Card Verifiable Certificates))
  • Support for various protocols (CMP, SCEP, REST, ACME, etc.)
  • AD authentication and takeover of users and groups
  • Support for ADCS   


Secure key storage and cryptographic processing for common business applications

Find more details

CryptoServer CP5

The eIDAS Compliant and CC-Certified Qualified Signature Creation Device (QSCD)

Find more details

u.trust Anchor Se15k/Se40k

Our high performance HSM provides an unprecedented speed of up to 40,000 RSA transactions per second, dedicated to use cases requiring highest processing power and consolidation.    

Find more details

Contact us

We look forward to answering your questions.

Our Partners

Look for the best implementation or distribution partner for your project.

Get in touch with us

Talk to one of our specialists and find out how Utimaco can help you today.