Acala 2.1.6

Acala is a software HSM emulator that acts as a universal key store as well as a cryptographic service provider.

  • maintains a central repository for private keys and X.509 certificates
  • and provides a secure environment for cryptographic operations.Authorized applications run on the Acala host access its services via an industry-standard PKCS#11 API.


Click Here To Talk To Pre-Sales Support To Get A Quote

Please click here to download if you have purchased this software.

System Requirements
  • Windows Server 2012R2 or above
  • Windows 7, 8, 8.1, 10, or above
  • CenOS 6.7 (Linux Kernel 2.6) or above (x64)


This product is currently out of stock and unavailable.

SKU: N/A Category:


Acala emulates a hardware security module to protect X.509 certificates and private keys. It provides a secure environment for cryptographic operations that nearly all security-enabled applications can access.


Acala affords an organization’s servers the functionality of a physical hardware security module (HSM) for a fraction of the cost. It stores each servers’ credentials in a single encrypted file on any designated storage device (e.g., local hard drive, network share, or removable memory device), and provides cryptographic operations to security-enabled
programs through a PKCS#11 application programming interface.

CSfC Applications

In some instances, Acala may be used in a CSfC solution as the PKCS#11cryptographic provider for CertAgent, ISC’s Certificate Authority.  Acala also includes a key generation feature to generate symmetric keys for use in CSfC solutions that don’t use a PKI.

Use Cases for Acala

Safeguarding Keys in a Low Assurance CertAgent Deployment
Acala’s software protection of a CA’s sensitive keys, combined with sufficient protection of the system on which both Acala and the certificate authority reside, enables a low cost solution for a low assuarance certificate authority

Generating Pre-shared Keys for a IKEv1 VPN
Acala supports the generation of symmetric keys in an IPSEC VPN using IKEv1 deployment

Securing Keys in a Prototype, Test, or Development CertAgent Effort
Acala allows the quick establishment of a certificate authority for prototype, test, or development purposes without the expense of a true hardware security module.