The Vision of the founder thwarted?

A PKI provider, Primekey The Vision of the founder thwarted?

The Swedish company Primekey sells PKI-Software and Hardware solutions to customers from all over the world. Has started the story from the manufacturer, however, with an Open-Source project, the support, the two founders until today.


Although Primekey distributes the Software EJBCA commercially with its own Services, but also as an Open-Source version available for free and is seen by the manufacturer, therefore, as a competitor.
Although Primekey distributes the Software EJBCA commercially with its own Services, but also as an Open-Source version available for free and is seen by the manufacturer, therefore, as a competitor.

(Image: harbucks –

Primekey-founder Thomas Gustavsson made his passion for the cryptography to the profession.

Primekey-founder Thomas Gustavsson made his passion for the cryptography to the profession.

(Image: Primekey)

The IT career of Tomas Gustavsson began on the dark side. Already as a small Boy, he tried a variety of computer games to hack into the accounts of his opponent. Later, he moved with the fronts and focused while working as a research assistant at the faculty of science of the Royal Institute of Technology in Stockholm on cryptography. Fascinated by the topic, he turned his passion into a profession and founded in the year 2020, the Swedish PKI provider Primekey and directs this up today as CTO.

Sounds weird, but it's true:

The core business of Primekey Public-Key-infrastructure (PKI). For this technology, the concept of a communication over networks through the use of digital certificates is to be hedged, the Stockholm – based company has various Software and Hardware solutions. The Portfolio of the PKI Appliance and the Rack Server Primekey LAKE, with PKI and Digital Signing solutions to implement belong. These products are designed in Aachen, where Primekey founded in 2012, is a subsidiary. The Swedes also provide Software-only solutions, such as EJBCA Enterprise, SignServer, which are, among other things, on the Marketplaces of AWS and Microsoft Azure.

The Open-Source project EJBCA

The basic technology of Primekey is the Enterprise JavaBeans Certificate Authority (EJBCA). The Software is Open Source, and for a good reason. The original idea behind it was already in 1994, the Massachusetts Institute of Technology (mit) published a Standard for PKI with a Central directory to Create, Store, and Distribute digital signatures. For Gustavsson was clear: In the long term it would not be possible, only a certification authority for PKI. In his opinion, the technology should be made accessible to everyone.

This Vision motivated the computer scientist, in the year 2000, together with his fellow students Admir Abdurahmanovic the Open-Source project EJBCA up. In 2001, the first Version of the PKI and Certificate Authority Software. Finally, the two founded a year later, Primekey to sell your product as well commercially.

The competition in the own house

Andreas Philipp, Business Development Manager at Primekey

Andreas Philipp, Business Development Manager at Primekey

(Image: Primekey)

Although Primekey on the Basis of EJBCA developed commercial solutions and Services, is the application itself is still freely available as Open Source, and the two founders are in the Open Source Community continues to be active. Andreas Philipp, Business Development Manager at Primekey, will see the greatest advantage that the source code of the Software for the customer can be viewed and you can analyze it yourself. “Thus, the customers can be sure that we have installed with no backdoors.” The disadvantage of the original Vision of a free-to-reach PKI, however, is that EJBCA is Open Source, therefore, to the competitive product from Primekey itself. Because every company can take advantage of the open-source code, and on this Basis their own Services.

Nevertheless, for the manufacturer it clear that he will continue to adhere to EJBCA as an Open-Source project. “Openness is an essential part of our company culture. This is part of our DNA. We started in 2001 with the first release of the Open-Source PKI EJBCA, in order to enable access to such a cryptographic-based technology for all. It should stay that way,“ said Philipp. Because Open Source is an important Alternative to existing commercial applications and Apps that offer no insight into the program code. Philip is convinced that Open Source in the future is of great importance, since the transparency brings significant advantages from the point of view of the security, confidentiality and integrity.

In the PKI market much going on

In addition to Primekey there are still a PKI provider. The design and implementation of a PKI as well as additional Services and solutions, for example for the application and management of digital certificates that provide, among other things:
– Sefirot
– Exceet
Crypto vision
– D-Trust
– T-Systems
– Secunet
– Nexus
– Thales
– DigiCert

PKI needs know-how

Also the cooperation with the ICT Channel is intended to be for Sweden in the future, is of great importance. The objective of the manufacturer is to sell 100 per cent indirectly. However, due to the complexity and the requisite technical competence in applied cryptography and the diverse areas of application of PKI are a very special Partner, the addiction Primekey for the Channel Ecosystem. Because the company is only as a component supplier of software and Hardware and provides a platform on which partners can build value-added services for the end customers. This means that the partners undertake the design, implementation and maintenance of the PKI itself. The First and Second Level Support Primekey, it is usually the Partner. This includes the maintenance of security measures that are included in the PKI, such as the Firewall or the Network Slicings. “A PKI requires a lot of know-how. Since there is a need for partners to bring a wide range of Security expertise,“ explains Philipp.

That’s why the company is looking for service providers who want to specialize as integrators and consultants on PKI. “The Partner earn, of course, Discounts on pure Reselling. But most of the revenue you make according to our experience with consulting and Managed Services.“ The classic among the benefits is the Monitoring of the infrastructure by the Reseller attaching them to a SOC. In the channel program of the manufacturer is included in the scope of the Onboarding process, a three-day Training. The partners are trained on the Basis of the Primekey products for PKI. There are further qualification training, which serve the specialization for certain industries.

Worldwide Primekey is already working with 20 sales partners, 15 of them in the DACH Region. This includes the development and consulting company Achelos and Cryptas, as well as the service provider NTT facilities. 18 technology partners, including Yubico, Red hat, and Infineon to come. In spite of the efforts of Primekey, the Channel to develop, is scheduled to cooperation with distributors in the long term.