Why PKI? What does it do?

A PKI enables an organization to establish and maintain a trustworthy digital ecosystem by managing keys, certificates and identities.
It protects organization IT investments and ensures the business continuity.

Where is SeaCat PKI used?

TeskaLabs SeaCat PKI has been chosen as a central cyber security technology for C-ROADS pilot deployments in the Czech Republic and Slovenia. C-ROADS is a joint initiative of the European Member States and road operators. It is a technological platform that allows road vehicles to communicate with other cars, traffic signals, roadside infrastructure as well as with other road users (V2X, C2X).

What major benefits SeaCat PKI offers?

Strong security

Our cyber security experts continuously select these cryptographic algorithms that are widely recognized as strongest.


We designed SeaCat PKI as a modern microservice that scales from well from a few connected devices to large-scale fleets.


SeaCat PKI is mature and standard-based. That assures the out-of-the-box compliance with various cyber security regulations.

Where to use PKI?

Healthcare & Medical devices

For a cyber sercurity of telemedicine, healthcare IoT devices and modern hospital smart equipment.

Industrial IoT

Manage keys and certificates for any connected industrial device (e.g Industry 4.0).


For connected and autonomous vehicles and smart infrastructures.

Certificate Authority

Build and operate your Certificate Authorities at scale.


Enables a unique and verifiable identity for each endpoint.


Strong Authentication without Passwords.

Digital Signature

Through the use of PKI, a digital signature offers the highest and most verifiable standard for non-repudiation.


When you need to encrypt any sensitive information.

What is SeaCat PKI?

SeaCat PKI is a software for the central key management system (KMS) and certificate management system (CMS) that facilitates the secure electronic transfer of information. It is used for activities that require to prove the identity of the parties involved in communication and to validate the information being transferred. This infrastructure ensures issuing certificates for devices from their production phase, through communication between the devices and end of life.

SeaCat PKI is compatible with Hardware Security Modules (HSM) and supports HSM based CA keys. Thus, it could be used for the solutions that require the maximum level of key protection.

SeaCat PKI as a Service

Our mission is to make the cyber security accessible for everybody and we strive to reduce the complexity of the implementation as much as possible. For that reason, we provide a unique "PKI as a service". It means that you don't need to install, configure and maintain anything, just subscribe and in minutes you will be ready to use the strongest possible cyber security for your mobile applications or IoT devices.

Subscribe for free private beta and get an early access to PKI as a Service.

The free beta access is limited to 100 devices and will be provided for free perpetually.

We guarantee that your email and other personal information are confidential and will not be sold or rented.


ETSI logo ETSI Plugtest logo

The seventh ITS CMS Plugtest, 4-8 November 2019: ETSI PlugTest Certificates of Participation
The first C-V2X Plugtest, 2-6 December 2019: ETSI PlugTest Certificates of Participation

Features of SeaCat PKI

Rich API

SeaCat PKI is a Docker-friendly microservice that provides a rich REST API.

Lifecycle management

Manage your devices at scale over whole lifecycle, from registration to revocation.

Usability vs. Security

We work super-hard to remove "vs." from this equation, our PKI is usable and secure.

Identity provider

Each device (e.g., IoT, vehicle) has a unique non-transferable and non-copiable identity which is provided and managed by PKI.


Provides a standardized automated or manual provisioning of a new device.

End of life / Revocation

Provides an ability to remove devices from an active part of the lifecycle, in a regular or ad-hoc way.

Automated renewals

Automated roll-over and renewal of certificates addressing longevity requirements.


One PKI can serve multiple isolated projects.

Misbehaviour detection

Proactively detect failing or fraudulent devices in your network.


Architecture Microservice
Supported cryptofamilies X.509
C-ITS Security v1.3 and v1.2 (ETSI)
C-V2X Security
Supported asymmetric cyphers RSA
HSM interface PKCS#11
Deployment options On-premise
PKI as a Service
Physical appliance
Virtual appliance
Docker container
Enterprise features High availability
Load balancing
Standardized and structured logging via Syslog protocol
Telemetry via Influx protocol

Contact us

Leave your contact information and our specialist will contact you shortly.

We guarantee that your email and other personal information are confidential and will not be sold or rented.