Launch EJBCA Enterprise Cloud on Azure

The following describes how to launch EJBCA Enterprise Cloud from Azure Marketplace.

The Azure Portal is a web interface that allows you to configure the EJBCA Enterprise Cloud instance details from a web browser before you launch it. Follow the instructions below to launch an EJBCA Cloud Azure instance.

Locate EJBCA Cloud in the Azure Marketplace

The following describes how to locate the EJBCA Cloud instance and create the app in Azure.

  1. Browse to the Azure Marketplace and search for "primekey" to display the EJBCA Cloud.
  2. Review the plans as desired under the Plans tab to see the different pricing options.
  3. Select the instance type to use and click GET IT NOW in the sidebar.
  4. Select the desired support level, 8x5 or 24x7 and specify the contact information as required my Microsoft.

Launch the Instance

The following describes the steps to launch the instance in Azure using the Launch Wizard.

Step 1: Log In and Create

This action will redirect you to the Azure portal.

  • Login to the Azure portal if not already done, confirm that the proper support plan is selected, and then click Create.

Step 2: Basics

This brings you to the EJBCA Cloud Launch Wizard for Azure.

  1. Select the desired subscription, click Create new and enter the name of a Resource Group that will hold all of the EJBCA Cloud resources, and then click OK.

  2. Select a location for the virtual machine and click OK.

Step 3: Network Settings

The following describes specifying Network Settings.

  1. Select Subnets and optionally change the Subnet names and prefix before clicking OK. A Virtual Network is predefined with a 10.2.0.0/24 network. If a different virtual network is desired, enter the desired values, and then click OK.
  2. If changes to the Public IP address are required, click on ejbcaPublicIP. This will allow for changes to be made to the type of IP including the Basic or Standard SKU as well as a Dynamic or Static IP assignment. For more information on Azure Public IP address types and options, refer to the Azure Public IP documentation on Public IP addresses. Once completed click OK.
  3. Select the DNS prefix to be used when accessing the instance. The value must be globally unique to Azure since it will be accessible globally. In this example, the value "ejbca" is used which made the FQDN ejbca.westus.cloudapp.azure.com. Note that this value will be added to the TLS certificate for this host in the SAN so that it can be securely accessed with it.
  4. Select the IP Range that will be allowed to connect to this instance. For a single IP use a /32, for example, 1.2.3.4/32.

Step 4: VM Settings

The following describes specifying VM Settings.

  1. Enter the Admin Username that will be allowed to SSH into the EJBCA Enterprise Cloud Instance.
  2. Select the Authentication Type, either Password or SSH public key.
    1. If using password, enter it twice. Password must be at least 12 characters long and have 3 out of the following: one number, one lower case, one upper case, or one special character.
    2. If entering an SSH key, copy and paste an RSA public key in the single-line format (starting with "ssh-rsa") or the multi-line PEM format. You can generate SSH keys using ssh-keygen on Linux and OS X, or PuTTYGen on Windows.
  3. The default VM size is a 2 Core 8GB RAM virtual machine. To change the size, click Change size.
  4. Some default recommended sizes are shown. To see more options, click Clear all filters. The prices Azure charges will be shown as well as the resources available for those virtual machines. These charges are separate from the PrimeKey licensing charges associated with the marketplace. Once the desired virtual machine is chosen, click Select, and then click OK.  

Step 5: EJBCA Credentials

To specify credentials:

  1. Enter the EJBCA Superadmin Password. This password is used to retrieve the superadmin.p12 file that will be downloaded from the public web. The password must be at least 12 characters long and have 3 out of the following: one number, one lower case, one upper case, or one special character.
  2. Once a valid password is entered, click OK

Step 6: Summary

The system now runs a final validation to verify your settings as well as the resource allocations you selected.

Once the Validation passes, click OK.

Step 7: Terms of Use

Accept the terms of use to proceed and click Create.

Step 8: Deployment

The deployment will begin. Once you see Deployment in progress..., select the link to see the details of the deployment.

Wait for the details of the deployment to appear. The typical deployment takes about 7-8 minutes in the Microsoft Azure environment.  

Wait until all of the of the deployed resources are green. Within a few minutes after this the instance should be available on the public IP deployed to the host.