CA Certificate Types Offered by eMudhra
eMudhra’s Certificate Authority (CA) portfolio includes three primary CA certificate classes tailored to diverse security needs:

1. SSL/TLS Certificates
   • Use Cases: Securing websites, APIs, load balancers, and microservices with HTTPS.
   • Validation Levels: Domain‑Validated (DV), Organization‑Validated (OV), and Extended‑Validation (EV) options.
   • Key Features:
     • Support for single‑domain, multi‑domain (SAN/UCC), and wildcard certificates.
     • Automated issuance and renewal via ACME or REST APIs.
     • Integration with HSMs for private‑key protection.
2. Code‑Signing Certificates
   • Use Cases: Digitally signing executables, drivers, scripts, and mobile apps to guarantee publisher identity and integrity.
   • Validation Levels: OV and EV code‑signing, with EV providing hardware‑backed private keys for stronger identity assurance.
   • Key Features:
     • Built‑in timestamping service to maintain signature validity beyond certificate expiry.
     • Integration with CI/CD pipelines for automated, zero‑touch signing.
3. Client‑Authentication Certificates
   • Use Cases: Enabling mutual TLS (mTLS) for secure API access, VPN logins, and S/MIME email authentication.
   • Validation Levels: OV for corporate employee or partner identities, plus custom templates for machine‑to‑machine certificates.
   • Key Features:
     • Automated enrollment via PKI connectors (LDAP/AD) or SCEP/EST protocols.
     • Granular policy controls over user roles, revocation rules, and certificate lifespans.

Global Trust Mechanisms

• Root Inclusion & Cross‑Signing:
  eMudhra’s public CA roots are cross‑signed by major root programs (Microsoft, Mozilla, Apple, Google) to ensure broad browser and OS recognition.
• Code‑Signing Reputation:
  EV code‑signing certificates leverage hardware tokens to satisfy platform‑specific requirements (e.g., Microsoft SmartScreen, Apple Gatekeeper), reducing end‑user warnings.
• Enterprise Trust Stores:
  Client‑auth certificates can be automatically deployed to corporate device trust stores via Group Policy or Mobile Device Management (MDM), ensuring seamless mTLS and S/MIME adoption.

Why Choose eMudhra’s CA Certificates?

• End‑to‑End Automation: Fully API‑driven workflows eliminate manual CSR handling and renewal outages.
• Hardware‑Backed Security: FIPS‑certified HSM integration safeguards private keys across all certificate types.
• Compliance Assurance: OV/EV validations, audit‑ready logs, and policy enforcement simplify adherence to regulations like eIDAS, HIPAA, and PCI‑DSS.
• Global Recognition: Trusted by millions of browsers, operating systems, and platform‑level security checks—ensuring your SSL/TLS sessions, signed code, and client authentications are universally accepted.