DARZ Managed PKI & CLM
powered by MTG
Strategic partnership since 2015
DARZ & MTG
DARZ and MTG have been strategic cooperation partners since 2015. Over the years, this partnership has established various IT security and infrastructure services that meet the strictest security requirements and are successfully operated jointly.
The focus of the managed services is the secure generation, management, and operation of cryptographic keys and digital identities.
DARZ serves as the contractual partner for our customers and is responsible for operations, security, availability, and compliance with all legal and regulatory requirements.
As a German encryption specialist, MTG provides the proven ERS® technology for PKI, certificate lifecycle management, and key management.
Selected partners within our network support our customers in implementing their specific use cases.
Managed in Germany
Data Sovereignty & Security
DARZ operates the service in a highly secure, multiply certified green IT data center in Germany — under its own responsibility and control, and in full compliance with German and European security and data protection requirements. The processing of cryptographic keys and related certificates takes place within the infrastructure operated and managed by DARZ. Sovereignty over security-critical data remains with the customer at all times.
Redundant connectivity to all major internet exchange points, including Frankfurt, ensures high availability and performance. As a local infrastructure service provider, DARZ meets the highest standards — including in hybrid and multi-cloud environments.
Certified Security
Certifications
DARZ holds all relevant certifications required for the secure operation of PKI services in critical infrastructures and complies with legal and regulatory cybersecurity requirements.
- EN 50600 CAT III (High availability n+1)
- ISO 27001:2022 – Full scope (data center, infrastructure, and personnel)
- BSI TR-03145-01 – Energy utilities (smart metering)
- BSI TR-03145-05 – Fiscalization regulation / cloud systems
- BSI Cloud Computing C5 (including Managed PKI & CLM)
- TISAX® Assessment Level 3
Infrastructure Operating Model
Operation of Managed PKI & CLM
The services of DARZ Managed PKI & CLM are delivered and operated by DARZ and its IT security experts. Companies can use their PKI immediately without having to build or operate their own systems, allowing them to focus on securing their business processes.
The service enables trusted authentication, verification, integrity, and encryption for critical and sensitive applications. A dedicated root CA is established for each customer as the central trust anchor. Under this root CA, one or more subordinate CAs can be operated to issue use-case-specific certificates.
Operations are designed to be fail-safe and scalable across two German locations in Darmstadt and Frankfurt am Main. The customer-specific signing keys of the MTG CA are secured using a Hardware Security Module (HSM) certified to FIPS 140-2 Level 3 and Common Criteria EAL4+ (EN 419 221-5). An HSM is deployed at each site in Darmstadt and Frankfurt, clustered via an RFS server (RFS = Remote File System).
As part of the DARZ Managed PKI & CLM offering, all operational, security, and availability services required for reliable use in a production environment are included:
- 99.98% high availability
- PKI cluster operations
- Backup & disaster recovery
- Monitoring & log file management
- Firewall-as-a-Service
- DDoS protection and load balancing
- Update management (software & hardware)
- 24/7 support via ticket, email, and phone
- HSM-as-a-Service
- LDAP (optional, available upon request)
Made in Germany
MTG Technology Foundation
The technological foundation of the service is the MTG ERS® platform developed by the German encryption specialist MTG. MTG provides the underlying PKI, CLM, and key management components, which have proven themselves in years of productive use and are continuously enhanced to meet current technological, security, and regulatory requirements.
All ERS® technologies used are also available as on-premises solutions for customers with specific requirements.
MTG is certified according to ISO 27001 and ISO 9001.
DARZ Managed PKI & CLM is based on the MTG Certificate Lifecycle Manager and the MTG Certification Authority (MTG CARA) of the MTG ERS® platform. For customers with an existing Microsoft PKI (AD CS), the MTG Autoenrollment Connector also enables the use of the CLM alone for centralized certificate management.
Full Control. Fewer Errors. More Automation.
PKI Made Easy – Start for Free Today!
We support you every step of the way to your own corporate PKI.