A founder who has done this before.
At scale, through one industry shift already.
Built by someone who has run a CA reseller and a lifecycle-management platform at scale before.
From CertCenter to NextPKI.
NextPKI is a product of Datargo GmbH, a German limited liability company. The person building it is not new to this market.
Andreas Mallek previously built and operated CertCenter AG, the European TLS-certificate and certificate-lifecycle-management platform that was acquired by DigiCert in autumn 2020. Building NextPKI is the next iteration of that work, with the lessons applied from day one.
He brings more than 25 years of hands-on experience across SSL/TLS protocols, applied cryptography, and PKI operations at scale. He has shipped CA-integration code against every public CA we now resell, written discovery scanners that ran in production networks, and operated the back office of an EU certificate business through the kind of regulatory turbulence that is now hitting the wider market again.
Twenty-five years in the certificate market, operating, building, and selling, converged on one observation: discovery is the bottleneck, not issuance. The CA market is mature. The lifecycle-management market, for everyone outside the Fortune 500, is not. NextPKI is what I wished existed when I sat on the operator side of this.
The gap in the middle of the market.
Operations teams sit in an uncomfortable middle ground: too many certificates for a spreadsheet, too few for Venafi. The CA-bundled tools work but lock you in. So most teams build their own scripts, the scripts break, and someone gets paged at 03:00 because a certificate expired.
The deadlines coming through 2026 to 2029 (47-day TLS validity, mandatory MPIC, eIDAS 2.0, the PQC migration) make manual operations stop working. I am building what I wished existed when I last sat on the operator side of this market.
For company background, partnership enquiries, or a contact form, see Datargo.
EU regions. Auditable where it matters.
Customer data stays in EU regions. Code is open where the customer needs to audit it (the sensor, AGPL-3.0). Everything else is proprietary.
Pilot programme is open.
Email reaches me directly during the pilot phase. Replies inside two business days.