Other our websites
Social media
Contact information

Units 7 &9. Commercial Official Tower Number 37. Dr. Fatemi Street. Valiasr Street. Tehran. Iran

Postal Code







Comprehensive PKI Services

  • Certification Authority (CA)

Certificate issuing and revoking

  • Registration Authority (RA)

Registering and certificate request

  • Verification Authority (VA)

CRL and OCSP services

  • Public Key Directory (PKD)

Certificate repository

  • Timestamp Authority (TSA)

Trusted timestamp with digital signature

  • PDF Signer (DS)

Central PDF digital signing

  • XML Signer (DS)

Central XML digital signing

  • CMS Signer (DS)

Central CMS digital signing

  • Key Management System (KMS)

Secure Key life-cycle management



  • Includes embedded HSM with

FIPS 140-2 Level 3 Certificate

  • Secure key generation and key storage by HSM
  • Secure customized Linux in core
  • Internal Firewall and Proxy
  • Working with different security zone and networks


Flexibility, Scalability and Reliability

  • Integration with other systems for
  • Integration by Web-Service and SDK
  • Separation of various services for Scalability
  • High Performance
  • High Availability with redundancy and fault tolerance
  • Easy Administration and Configuration by command
  • Easy Maintenance and troubleshooting
  • Licensing features
  • New monitoring features
  • Power supply redundancy (optional)

Software Development Kit

  • J2EE and J2SE SDK
  • .Net Framework SDK
  • Web-Service API (SOAP)


Token and Smart Card

  • Certificate Issuing on all types of Token and Smart Card based on
  • Certificate Issuing on Iranian Tokens including ParsKey and KeyA3 without any driver
  • Direct issuing on IDin card


Hardware Security Module (HSM)

  • Includes embedded HSM with

FIPS 140-2 Level 3 Certificate

  • Embedded HSM 25/220/600 tps (1024 bit RSA signature/second)
  • Supporting various Network HSMs by PKCS#11 Interface (SafeNet, nCipher, Utimaco, Boll, etc.)


PKI Standards

  • RFC 5280/ RFC 4387/ RFC 5019/ RFC 2253/ RFC 2396/ RFC 3161/

RFC 2818/ RFC 3778

  • FIPS 180-4/ FIPS 140-2
  • PKCS#1/ PKCS#7/ PKCS#10/ PKCS#11/ PKCS#12
  • XML-Sig


Physical Characteristics

  • Connectivity: 1 Gbps Ethernet
  • Dimensions: 426 x 450 x 44 mm
  • 1U Rackmount

Integrated System for Digital Signature and Coding

The PKA device, FA model presents all PKI services in one set. This device provides the different services including CA (Certification Authority), RA( Registration authority), VA (Verification Authenticity), public key directory, timestamp authority and digital signature, making needless the organization as to purchasing different equipment, affording much financial charges and long time for project implementation. This device takes advantage of standard hardware and software modules which submits integrated management to the organization. In this device a comprehensive solution is rendered which created complete management of life cycle of electronic certificate from issuance to cancellation and thereafter the same.

Support of Hardware Security Module (HSM)

This device has internal hardware security module for secure production and maintenance of private keys of certificate issuance centers, timestamp issuance center and digital signature which provides higher level of security. In this device a system has been provided under title of Key Management System KMS which is responsible for full management of life chain of keys including production, maintenance, support, retrieval and transfer. Also for more security, in order to maintain the support version of private keys, a special smart card is used. On the other hand this device can be connected to various HSM under network based on KCS#11standard.




Token Registration and Management System

This device  is equipped with internal registration system (RA) which provides the possibility for definition of users and issuance of certificate for token and smart card. Through this system it is possible to request for certificate cancellation in case of token loss and theft. There is also capability for searching in the issued and cancelled certificates through this system. Besides this system, the software development kit (SDK) has been predicted by which it is possible to add certificate and token issuance to other software systems. By such method, the automation software of the customer by assistance of one software library can call the web services of PKA and takes action for obtaining the electronic certificate.

Connectable to other software systems

PKA device has been designed in a manner it can be connected easily to other software of the organization; by this device all the software systems can be equipped with PKI-enabling. For this purpose, various connections with this device have been predicted for development of software. This device can render its different services in context of web-services and has programming library (SDK) for two platforms of Net Framework and JavaJ2EE/J2SE. By these tools, the other software systems can be equipped with PKI- enabling easily and in shortest possible time.


pka Having Patent Certificate from General Dept. of Industrial properties

Having confirmation of Security Lab of Informatics Industries Research Center under supervision of E-Commerce Development Center

Winner of 10th Sheikh Bahaei Technopreneurship National Festival

Equipped with HSM device having FIPS 140-2 Level 3 standard   











Download PKA-FA Product Brief


Our Customers