Skip to content

Establish trusted digital interactions between people & machines

DXC Key & Certificate Services

Secure data storage and communication to establish digital trust and streamline regulatory compliance

DXC Key & Certificate Services provide centralized management of encryption keys and certificates to protect digital assets when stored or during communications between people and machines. Our services help you accelerate cloud migration of your data and applications, while ensuring compliance with data residency laws and protecting the confidentiality and integrity of your data in resilient and elastic cloud computing environments. Authenticate and authorize access for people and machines, thereby addressing the risks that come when data is spread across mobile devices, laptops, IoT devices, database, data centers, private and public clouds, and SaaS providers’ applications. Gain visibility into where your data is held and how it is classified so that you can consistently apply data protection policies with your encryption key management service, and streamline regulatory compliance and reduce costs by consolidating key and certificate management in a single platform, establishing digital trust.

What's included

Infrastructure certificate issuance

Manage the life cycle of keys and certificates for people, hardware and IT services.

Consolidated management

Manage multiple internal and external certificate authorities via a single pane of glass to reduce complexity and cost.

Cloud encryption key management

Use a single platform to manage keys for encrypting data and authenticating workloads and services across cloud environments.

Expert consultants and advisors

Work with our consultants to assess and design a tailored future-state, while our architects implement and test technology to modernize and align with business goals and regulatory compliance.


DXC provides a set of sensors and agents to scan for your public and private TLS/SSL certificates across your enterprise network and public Internet host, both on-premises and in the cloud, to find your digital certificates.   

Enterprises need to track their inventory of issued certificates to know where they are used, who issued them, how they are being used and when they will expire. DXC manages the complete lifecycle of certificates from issuance by certificate authorities (CAs), through provisioning, revocation, renewal and reissue. This includes validating, installing the certificate on the target (such as a server), and taking the appropriate steps to ensure that the certificate will not expire to avoid operational impact on services or business revenues.

DXC uses PKI to secure communication between IoT devices and their managing platforms, delivering data confidentiality, integrity, authentication and authorization.

DXC manages the lifecycle of cryptographic keys: generation, exchange, storage, use, crypto-shredding and renewals. This includes designing and documenting relevant cryptographic protocols, key servers and processes. 

DXC makes it possible for your employees to use your private cryptographic keys via an HSM — computer hardware that securely stores them, ensuring they are accessible only to authorized users; there’s no need for your workers to have direct access to those keys. Keeping your private keys out of the hands of end users or application software reduces the attack surface. Our HSM module prevents key leakage, performs key generation, and creates encryption and decryption algorithms fast and efficiently.

DXC encodes data so it can be read only by those with the correct digital key that can decrypt the data, whether that data is stored in a physical data center, in a third-party storage application, or in a private or public cloud. Our key and certificate services helped a global manufacturing company transition to a multi-cloud environment, increasing scalability and reducing costs while maintaining stringent security measures.

of enterprises believe implementing encryption external to the cloud, key management and separation of duties enables digital sovereignty in the public cloud*
of enterprises use 5 or more key management systems, rather than a single platform to reduce complexity and costs*
classify less than half of their data, making it hard to apply the correct policies, controls and encryption for regulatory compliance*

*Thales Data Threat Report 2024, based on a global survey of 2,931 enterprises. 

Who can benefit

Consider DXC Key & Certificate services if:

  • You have a cloud-first strategy and are seeking to maximize the value of your investment in moving workloads and data to public cloud providers, to gain the benefits of elastic computing, high availability and cost savings — while remaining compliant with regulations on data privacy and data residency regulations that require you to hold and manage your own encryption keys to deliver digital sovereignty.
  • Your complex enterprise is challenged to follow strict compliance regulations to consume key and certificate services, thanks to a legacy burden of multiple certificate authorities, complex manual cryptographic processes to follow and a lack of visibility of deployed certificates and key usage. You are acutely aware that unplanned expirations will result in operational disruption, loss of revenue and damage to business reputation.
  • You need to reduce the costs of manual cryptographic processes and remove legacy encryption technology that is inflexible in the face of fast-changing business and technology requirements. You need key and certificate services that operate at scale and support new and increasingly automated ways of doing business in a hyperconnected digital world where sensitive data is widely dispersed across edge devices, traditional data centers, public clouds and SaaS providers.
  • You are transforming to a DevSecOps approach to developing and operating your software and data services. Your developers will need easily consumable key and certificate services that can be shared across the enterprise. 
  • You are implementing an Industry 4.0 solution for your connected machinery and IoT devices that needs high-availability PKI suitable for factory floor operations, while abiding by regulatory frameworks mandating compliance requirements for vehicle-to-infrastructure connectivity or IoT and Industrial Internet of Things (IIoT) ecosystems.


Companies choose DXC because we have deep experience in achieving compliance for secure data storage and communications for mission-critical services for customers in heavily regulated industries. Here’s what you can expect when you work with us:

Strong security approaches 

DXC advocates for Zero Trust security, and employs robust data encryption protocols to safeguard information at rest and in transit across public, private and hybrid clouds, and other venues. 

Access to expertise

DXC’s security experts are skilled in addressing industry and governmental regulations, including the Payment Card Industry Data Security Standard (PCI DSS), General Data Protection Regulation (GDPR) and data breach laws.

Widespread integration

DXC customers benefit from support for authentication and data encryption for joined-up technologies from our broad portfolio, which spans cloud platforms, enterprise applications, IT operational support and more.

❝ DXC is positioned as a Leader in NelsonHall’s 2024 Cyber Resiliency Services NEAT evaluation due to its rich experience that has enabled the development of its blueprints, playbooks, and security platforms, supporting clients in meeting regulatory requirements and improving their overall cyber resiliency posture. ❞

Mike Small
Senior Analyst, NelsonHall

Source: NelsonHall names DXC a Leader in cyber resiliency services


DXC delivers Key & Certificate Services services alongside leading partners and key collaborators.

Commonly asked questions about Key & Certificate Services

Yes, both for communication between connected machines on the production line and to inject certificates into connected devices and components at time of manufacture. DXC is committed to delivering secure and seamless integration of the key and certificate lifecycle management for high-volume production lines with strict quality, safety and regulatory compliance requirements. 

Yes. DXC enables you to consolidate multiple certificate authorities and processes from corporate ITSMs such as ServiceNow into a single, well-documented process and management platform. This makes it easier for developers, business partners and even IT systems to request and consume keys and certificates either directly from the new key and certificate management platform via APIs, or from a single pane of glass for request and ticket management of your corporate ITSM. 

Yes, DXC Key & Certificate services enables customers using multiple public clouds and external SaaS providers to retain control of all their keys centrally, so they are free to port data and workloads between service providers with confidence that they are enforcing sovereign control and retaining exclusive access to their own data. 

A European healthcare software company partnered with DXC for KCS to accelerate its cloud journey, utilizing a more complete set of Microsoft Azure capabilities while remaining compliant with strict GDPR regulations around patient healthcare data.