Run your own TrustCenter

Nitrokey HSM users are invited to try the new TrustCenter function in the PKI-as-a-Service Portal.

The TrustCenter function allows you to operate your own PKI, manage Nitrokey HSMs and issue certificates for people and systems.

See our blog for details.


I’ve read both blog posts and watched the video but I do not seem to be able to find the software to run it locally on CDN. Do you have some pointers how to build the docker image / install the required apps on the scripting server?

The project is hosted in the CDN and we provide a ready-to-use tarball under Files.

The source code is in the pki-as-a-service git repository. You should see that when you ssh with your DevNet-CA key into There is also a with details.

The sandbox system is for playing around. It also allows us to look in the logs if a user needs help. The sandbox system is updated frequently.

1 Like

Thank you, somehow I have missed that ssh:// is now available.

That is probably because I missed to change the access condition for the repo…

Btw. did that screencast help to understand how to configure the HSM ?

I’m wondering if we should produce more of those.

The PKI-as-a-Service Portal now supports the EST protocol for automatic certificate enrollment.

Details can be found in the new blog entry.

1 Like