Public Key Infrastructure Certificate Rotation Service and Solution

Solicitation Open: April 7th, 2026

Solicitation Close: April 21st, 2026

Implementation Start: June 1st, 2026

Phased Go-Live: July 1st, 2026

The state of Oklahoma is seeking a vendor to provide a comprehensive public key infrastructure (PKI) certificate rotation service and solution. The selected solution must deliver a Certificate Lifecycle Management (CLM) system capable of handling over 400 initial public-facing certificates, with the ability to scale to support internal, private certificates as well as anticipated future growth.

Key requirements include automated, zero-touch management of the certificate lifecycle, covering certificate requests, issuance, provisioning, renewal, and revocation across all supported environments without human intervention. The solution must also be able to discover, scan, and inventory all existing public and private certificates throughout the network, including servers (Windows/Linux), load balancers (such as F5), firewalls, and application platforms like IIS, Apache, and Java Keystores.

The platform should offer native support for the ACME (Automatic Certificate Management Environment) protocol for public certificates, as well as support for protocols such as SCEP and EST for internal machines and devices. Role-based access control is required, with the ability to delegate certificate management responsibilities to departmental IT staff while retaining centralized policy and oversight. Additionally, the solution must be certificate authority agnostic for strategic flexibility and feature a robust REST API for integration with existing orchestration, monitoring, and ticketing systems, such as Team Dynamix. The contract term is set for four years.