Public Key Infrastructure as a Service (PKIaaS) - Certificates from the Cloud

Xorble Key Vault KSP

Downoad and install the Xorble Key Vault KSP for Windows Server.
The Xorble Key Vault KSP provides an Azure Key Vault cloud-based Hardware Security Module (HSM) protected Key Storage Provider (KSP) for general cryptographic use by Windows Server.
The KSP is designed to provide a solution for organisations that require an HSM backed service for application such as PKI etc.
The KSP supports RSA (2048, 3072 and 4096 bits) and Elliptical Curve Algorithms (ECDSA and ECDH at 256, 384 and 521 bits).
The KSP has been tested with various Windows components including Active Directory Certificate Services (AD CS), IIS (for SSL/TLS certificates) and OCSP Signing.

This is the beta of the Xorble Key Vault KSP and will expire at the end of 2020. The beta version is signed using a test signing certificate.
The beta KSP is free to use. The licensing and costs for the GA version of the KSP have not yet been finalised.
The KSP is currently 64-bit only.

Xorble Key Vault KSP InstallerXorble Key Vault KSP Installer
XorbleKeyVaultKSPUserGuide_0.2.pdfXorble Key Vault KSP User Guide 0.2.pdf
Test Signing Root CA CertificateTest Signing Root CA Certificate
Test Signing CertificateTest Signing Certificate
EMail for More Information

Outlook Add In Download Page

Downoad and install the Outlook Add In to automate the configuation of certificates for Outlook.
This allows you to send and receive encrypted and digitally signed S/MIME email.
The Add In also emails your encryption certificate details to your contacts enabling them to send you encrypted email.
The Add will request consent before enrolling for certificates, installing root certificates or emailing any contacts.

This is the beta of the Outlook Add In.

Xorble Outlook Add In InstallerXorble Outlook Add In Installer

Web Services Proxy Add In Download Page

Downoad and install the Web Services Proxy Add In to enable Auto Enrollment of Certificates from Domain Joined Clients.
The Xorble Web Service Proxy component implements the X.509 Certificate Enrollment Policy Protocol (MS-XCEP) and WS-Trust X.509v3 Token Enrollment Extensions (MS-WSTEP) protocols that allows Windows clients to auto enrol for both user and computer certificates.
The protocol allows clients to query for the list of certificate profiles (templates) available and then automatically enrol for them. Configuration for XCEP and WSTEP are both done using Group Policy and hence there is no per user or computer configuration.
By using the web services proxy, customers can deploy and use certificates without needing to manage an internal PKI. In addition, encryption certificates are automatically published to Active Directory and to an Internet based repository allowing easier user to user secure messaging using S/MIME.

This is the beta of the Web Services Proxy Add In.

Xorble Web Services Proxy InstallerXorble Web Services Proxy Installer
Xorble Web Service Proxy installation 1_0.pdfXorble Web Service Proxy installation 1_0.pdf