One Vault For All Your Important Information Objects

The security of your business and cloud IT data depends on the safety of your cryptographic keys, SSL certificates, database tokens and other opaque objects. We can help you protect these critical IT secrets from unauthorized access and meet strict data security regulations.

Gazzang zTrustee™ is a key and certificate manager that stores and manages cryptographic keys, certificates, configuration files, tokens and any other “opaque object” an enterprise maintains to secure its most sensitive data.

The SaaS or on-premises solution features robust, highly configurable, easy-to-implement policies governing access to your information objects, keeping your most important business and IT information is safe. With policy driven controls and security, IT operations professionals are assured that the correct, “trusted” objects are delivered.

The zTrustee Management Console, available for on-premise implementation, displays metadata including key/certificate file description, date of deposit and expiration, policies for retrieval and authentication details. Security objects that can be monitored through the console include:

  • SSL certificates
  • X.509 certificates
  • Encryption keys
  • SSH public/private keys
  • API keys
  • Java KeyStores for Hadoop and Cassandra
  • GPG keys
  • Passwords and passphrases
  • Configuration files
  • Directory structures


zTrustee Management Console View
Fig1. - Overview of a sample organization’s zTrustee Management Console Main Screen
zTrustee Virtual Safe Deposit Box
Fig2. - Sample list of items placed in zTrustee “virtual safe deposit box”
zTrustee Deposit Detail
Fig3. - Sample zTrustee deposit detail

zTrustee implements the specific subset of the KMIP standard most applicable for cloud environments, specifically handling Opaque Cryptographic Objects as specified in section 3.21.5 of the KMIP Usage Guide 1.0 document. The solution also leverages OpenSSL and libgcrypt cryptographic libraries, which can be configured for FIPS 140-2 compatible operation.

And because zTrustee thoroughly logs all of the actions associated with key and object creation, distribution, escrow, expiration, revocation and more, you can be sure your organization meets most data protection regulations for compliance. Learn how zTrustee can help solve your key and object management challenges.


  • Highly secure and highly available zTrustee server can store any information object – structured and unstructured – including Gazzang cryptographic keys and encryption keys from other vendors or open source utilities
  • Offers a unique multi-factor authentication solution built for cloud environments
  • Enforces a broad range of policies for object authorization, expiration, revocation, retrieval limits and more
  • Detailed logging and reporting on all activities associated with object deposits, requests, retrievals and policies
  • Management console provides "at-a-glance" overview of transactions, as well as a mechanism for certificate management