High Availability Deployment

The high-availability deployment architecture is designed to keep the emCA application and its components accessible to clients even if one or more emCA servers fail. The emCA servers are clustered, and the load balancer distributes traffic between them. If an emCA server fails, the load balancer automatically redirects traffic to the other active emCA servers. In the high-availability deployment, two HSMs are deployed in the High Trusted Zone.

Components of the High Availability Deployment Architecture:

  • Load Balancer: The load balancer distributes incoming traffic across the emCA servers, preventing any single server from becoming overloaded. It also monitors server health and automatically redirects traffic away from unavailable servers.

  • emCA CA Servers: The emCA CA servers generate and issue certificates, manage the CA's certificate pool, and handle certificate lifecycle events. Multiple emCA CA servers provide redundancy and fault tolerance, ensuring uninterrupted certificate issuance and management even with server failures.

  • Timestamping Authority Server: Generates timestamps for digital signatures, ensuring the long-term validity and integrity of certificates.

  • OCSP App Server: Provides an online certificate status protocol (OCSP) responder service to verify the revocation status of certificates.

  • emCA DB Servers: The emCA DB servers store and manage the emCA database, containing critical information about certificates, users, and devices. Multiple emCA DB servers maintain data redundancy and prevent data loss in case of server failures.

  • HSMs (Hardware Security Modules): HSMs are tamper-proof devices that safeguard sensitive cryptographic material, such as the CA's private keys. Multiple HSMs provide redundancy and protect sensitive data even with HSM failures.

This high availability deployment architecture ensures that the emCA system remains continuously available and responsive, even in the face of server failures or other disruptions.

The emCA (eMudhra Certificate Authority) solution is architected to support multi-tenancy natively, enabling the secure and efficient operation of multiple logically isolated tenants within a single CA infrastructure. This is essential for enterprise, government, or service provider environments where managing independent certificate authorities for different departments, customers, or regions is required.

Key Capabilities:

  • Tenant-Level Isolation: emCA ensures strict isolation of certificate issuance, revocation lists, audit logs, and cryptographic material at the tenant level. Each tenant operates in its own secure namespace.

  • Dedicated Certificate Profiles and Policies: Each tenant can have customized certificate policies, templates, and approval workflows without impacting other tenants.

  • Role-Based Access Control (RBAC): Administrative roles and permissions are scoped to each tenant, ensuring tenant administrators have control only over their respective domains.

  • Scalable Architecture: emCA supports the onboarding of multiple tenants without impacting performance or security. It is built to scale horizontally based on tenant growth.

  • Audit and Compliance: Logs and audit trails are maintained per tenant and can be exported or integrated with external SIEM tools as needed, supporting tenant-level compliance reporting.

  • Use Cases: Ideal for Government PKIs, Managed Service Providers (MSPs), or Enterprises hosting multiple internal CAs for subsidiaries, departments, or partners.

Multi-tenancy in emCA ensures secure segregation, simplified operations, and cost-effective scaling for certificate lifecycle management across diverse environments.

