With every Datargo module setup
- Discovery and inventory
- Auto-renewal for selected CAs
- Standard certificate types
- Audit trail with Datargo ID
NextPKI is discovery-first certificate lifecycle management built for the 47-day TLS reality. CA-agnostic, EU-sovereign, crypto-flexible and post-quantum-ready. It finds every certificate before it expires.
NextPKI scans networks, cloud accounts, load-balancer endpoints and devices. Every TLS and S/MIME certificate lands in your inventory, complete with chain, OCSP status, SAN list and owner.
NextPKI orders certificates from any supported CA with a configurable approval workflow. ACME for internal CAs, REST APIs for commercial ones. Rollover, renew and revoke in a single cockpit.
NextPKI is crypto-agile from day one. RSA, ECDSA and Ed25519 today, post-quantum algorithms tomorrow. Switch without changing a line of code in the calling system, governed by a per-tenant policy engine.
NextPKI is included in the platform stack and itemized transparently within the overall package. Standalone list pricing for external PKI use is available on request.
With every Datargo module setup
For enterprises running their own private PKI
Direct licensing for external customers
NextPKI shares identity, accounting and audit trail with the entire Datargo suite.
Talk to us before the next certificate lapses. We set up discovery and enterprise PKI together with you.