Certificate Authority Service

Simplify the deployment and management of private CAs without managing infrastructure.

From left a dotted line joins a stack of servers, car, and smartphone with 2 shipping containers and with a database. A dotted line runs from the containers through the Certificate Authority Service icon to a document bearing lines of text and a locked padlock, and to Google Cloud

Overview

Certificate Authority Service is a highly available, scalable Google Cloud service that enables you to simplify, automate, and customize the deployment, management, and security of private certificate authorities (CA).

Blog post

Icon of cloud on monitor screen in a blue circle

Simpler deployment and management

Simplify the deployment, management, and security of your enterprise PKI with a cloud service that helps to automate time-consuming, risky, and error-prone infrastructure tasks, freeing you to focus on higher-value projects.

Icon of blue circle with gears and a shield inset with a ribbon, on a document

Tailored for you

Customize Certificate Authority Service to your needs by configuring custom CAs and certificates, enforcing granular access controls, automating common tasks with APIs, and integrating with your existing systems.

Icon of a blue circle with office buildings, a security shield in the upper left, and a magnifying glass in the lower right

Enterprise-ready (at GA)

Have peace of mind knowing that your CA service is highly available, scalable, backed by an SLA, auditable, and ready to help you achieve compliance with advanced hardware and software security controls.

Features

Deploy in minutes

Create a private CA in minutes versus the days and weeks that it takes to deploy and operate your own CA. Leverage descriptive RESTful APIs to acquire and manage certificates without being a PKI expert.

Focus on higher-value tasks

Offload time-consuming tasks like hardware provisioning, infrastructure security, software deployment, high-availability configuration, disaster recovery, backups, and more to the cloud.

Pay-as-you-go

Help lower your total cost of ownership and simplify licensing with pay-as-you-go pricing and zero capital expenditures. Pay only for what you use (when the service becomes generally available [GA]).

Customize to your needs

Scale from simple to advanced use cases by configuring the root CA (e.g. existing on-premises or cloud), custom key sizes and algorithms, location (region) of the CA, and more.

Manage it your way

Manage, automate, and integrate private CAs and certificates in the way that’s most convenient for you: via APIs, gcloud command line, or cloud console.

Enforce granular access controls

Define granular, context-aware access controls and virtual security perimeters for CA Service with Cloud IAM and VPC Service Controls (at GA).

Protect your keys in an HSM

Store your CA keys using Cloud HSM, which is FIPS 140-2 Level 3 validated and available in regions across the Americas, Europe, and Asia Pacific.

Audit user activity

Obtain tamper-proof logs and gain visibility into who did what, when, and where with Cloud Audit Logs.

Scale with confidence (at GA)

Scale with confidence knowing that the service provides high query throughput, can issue millions of certificates, and comes with an enterprise-grade SLA (at GA).

Documentation

View all product documentation

Certificate Authority Service: How-to guides

To review CAS How-to Guides visit this link.

Pricing information will be available when Certificate Authority Service becomes generally available.

Take the next step

Start building on Google Cloud with $300 in free credits and 20+ always free products.

Try it free

Need help getting started?

Contact sales

Work with a trusted partner

Find a partner

Continue browsing

See all products

A product or feature listed on this page is in beta. Learn more about product launch stages.