Deployment Models (On-Prem, Cloud)

CertiNext supports flexible deployment models to meet varying requirements around security, compliance, data residency, and operational control. Organizations can choose between a fully on-premises deployment or a SaaS multi-tenant deployment, with consistent lifecycle management capabilities across both models.

1) On-Premises Deployment

In an on-premises deployment, all CertiNext components are installed and operated within the customer’s infrastructure.

What is deployed on-premises

  • CertiNext platform (application and services)

  • Automation bots for discovery, enrollment, renewal, and provisioning

  • emCA for private PKI

  • Integration with customer-managed HSMs or cloud HSMs, where applicable

Key characteristics

  • Full control over infrastructure, data, and cryptographic material

  • Certificates, keys, and metadata remain entirely within the customer environment

  • Suitable for regulated, high-assurance, or air-gapped deployments

  • Complete control over PKI hierarchy design, key custody, and lifecycle policies

This model is typically chosen by organizations with strict regulatory mandates, sovereign data requirements, or deep PKI customization needs.


2) SaaS Multi-Tenant Deployment

In the SaaS multi-tenant deployment, CertiNext and emCA are hosted and operated as a managed cloud service, while automation bots are deployed within the customer’s environment.

What runs where

  • CertiNext platform: Hosted and managed as SaaS

  • emCA (Private PKI): Hosted within the SaaS environment

  • Automation bots: Installed in the customer’s environment to perform discovery, enrollment, renewal, and provisioning against local systems

  • Secure APIs: Used for all communication between bots and the CertiNext SaaS platform

This hybrid architecture combines centralized management with local execution and control.


Data Isolation and Tenant Design

CertiNext’s SaaS deployment supports tenant isolation with separate databases per customer, when requested.

  • Each customer can be provisioned with a dedicated database to ensure strong data isolation

  • Certificate metadata, configurations, audit logs, and lifecycle records are segregated

  • Enhances security posture and simplifies compliance assessments

Important: A dedicated database must be requested at the time of onboarding. If no request is made, customer data is provisioned within the shared multi-tenant environment and separated by logical isolation controls.


Key Management and HSM Model (SaaS)

In the SaaS deployment model:

  • CertiNext uses FIPS 140-2 Level 3 compliant HSMs

  • HSMs are hosted and operated by eMudhra within its secure data centers

  • Customer-approved HSMs or external key management services are not supported in the SaaS model

To ensure cryptographic isolation:

  • HSM partitioning can be enabled on request

  • Each customer’s keys and certificates are isolated within dedicated HSM partitions

  • Key access is strictly controlled and auditable

This model provides strong security guarantees while maintaining the operational simplicity of a managed SaaS service.


Automation Bots and Local Control

Even in the SaaS model:

  • Automation bots run inside the customer’s environment

  • Bots handle sensitive operations such as certificate discovery and deployment locally

  • No inbound connectivity is required from the SaaS platform into customer systems

This minimizes exposure while enabling full lifecycle automation.


Termination and Exit Readiness

The SaaS model is designed with clear termination and exit planning:

  • Customer data is logically isolated and, where requested, physically segregated at the database level

  • HSM partitioning ensures cryptographic separation throughout the lifecycle

  • Certificate metadata, audit logs, and reports can be exported as part of termination

  • Customer-side bots ensure no persistent dependencies remain within customer environments

This allows customers to exit the service cleanly without loss of visibility or operational continuity.


Choosing the Right Deployment Model

Organizations typically choose:

  • On-Premises for maximum control over infrastructure, keys, and PKI design

  • SaaS Multi-Tenant for faster onboarding, reduced operational overhead, managed HSM security, and scalable automation

Both models deliver the same core capabilities across discovery, renewal, enrollment, auto-provisioning, governance, and reporting.


Summary

CertiNext’s deployment models are designed to balance security, control, and operational efficiency. Whether deployed fully on-premises or consumed as a SaaS platform with customer-side automation and managed HSMs, CertiNext provides strong data isolation, cryptographic protection, and enterprise-grade certificate lifecycle management without compromising governance or exit readiness.
