Gain Visibility and Control Over SSH, SSL Environments





Web-based SSH Key and SSL Certificate Management Solution for Enterprises

ManageEngine Key Manager Plus is a web-based key management solution that helps you consolidate, control, manage, monitor, and audit the entire life cycle of SSH (Secure Shell) keys and SSL (Secure Sockets Layer) certificates. It provides visibility into the SSH and SSL environments and helps administrators take total control of the keys to preempt breaches and compliance issues.

Quick Download
Download Key Manager Plus and start your free trial in less than 2 minutes!
For complete list of download options (32/64 - bit versions of Windows & Linux), visit our download page.

What Problems Does ManageEngine Key Manager Plus Solve?

Safeguarding data in transit has always been a big challenge for security administrators. While SSH keys have helped organizations ensure security in remote administrative access and data transfer, digital keys present some unique challenges.

Usually, SSH keys are left unmonitored and unmanaged, making organizations vulnerable to cyber attacks. In the absence of an automated system, getting the list of all the keys in use, finding and restricting access privileges, and ensuring periodic rotation is a herculean task.

Similarly, managing a Secure Socket Layer (SSL) environment can be daunting when organizations use a large number of SSL certificates issued by different vendors with varying validity periods. On the other hand, SSL certificates left unmonitored and unmanaged could expire, or rogue/invalid certificates could be used. Both scenarios could lead to service downtime or display of error messages that would destroy customer trust in data security and, in extreme cases, even result in security breaches.

ManageEngine Key Manager Plus has been designed to solve all these issues and serves a one-stop solution for managing all digital identities.

SSH Key Management With Key Manager Plus


Discover SSH systems in the network, enumerate users, and private keys.

Consolidate and Store

Consolidate all discovered SSH keys in a secure, centralized repository.

Create and Deploy

Create new key pairs, associate with users, and deploy on target systems.

Rotate Keys Periodically

Rotate key pairs automatically at periodic intervals.

View Key User Relationship

Get a holistic view of the key to user relationship across the organization.

Launch Direct Connection

Launch a direct SSH connection with target systems.

Audit and Track

Audit and track all user activities and generate reports.

Restrict and Regulate Access

Associate specific resources to users and establish granular access controls.

Ensure Compliance

Manage SSH keys better, comply with regulations such as SOX, FISMA, PCI, and HIPAA.

Configure Key Management Policy

Enforce policies for key creation. Remove all existing keys for a fresh start or append new keys.

Active Directory Integration

Import users / user groups from Windows Active Directory and also leverage the authentication mechanism.

Schedule Database Backup

Provision for scheduled backup of entire database for disaster recovery.


SSL Certificate Management With Key Manager Plus



Discover all SSL certificates deployed in the network.

Centralized Inventory

Centralized Inventory

Consolidate all discovered certificates in a secure, centralized repository.

Track Certificate Details

Track Certificate Details

Track the name of the CA, date of issue, encryption algorithm, key length and other vital details.

Control Certificate Signing Requests

Centrally control new Certificate Signing Requests (CSR) process. Get ready-to-use CSR data files.

Expiration Alerts

Receive alerts about the certificates that are about to expire.

Ensure Compliance

Ensure usage of strong encryption algorithms key lengths. Identify and eliminate weak ones such as SHA-1 certificates.

End-to-end Certificate Life-cycle Management with Let's Encrypt

Streamline your certificate life-cycle management process. Automate acquisition, issue, deployment, reissue, renewal and revoking of domain validated certificates from Let's Encrypt CA.

Manage Active Directory
User Certificates

 Discover, track and manage certificates mapped to user accounts in the Active Directory.

Manage Certificates in MS Certificate Store

 Discover, track and manage certificates from Microsoft Certificate Store.


Benefits of Key Manager Plus

  • Gain complete visibility of all SSH keys and SSL certificates present in the organization and achieve centralized control.
  • Remove all existing public key-user trust relationships and generate new key pairs. Deploy the new public keys to users in bulk with just a couple of clicks.
  • Tighten security by periodically rotating keys and prevent their misuse.
  • Launch direct connections to remote devices by using the keys present in Key Manager Plus, saving time and enhancing productivity.
  • Delete any unwanted keys from the database, terminate access immediately, and prevent violations by obsolete accounts.
  • Get customizable, recurring notifications when the validity of an SSL certificate is about to expire.
  • Eliminate service downtime or display of error messages due to expired/invalid/rogue SSL certificates.


Supported platforms for product installation


Windows, Linux



Local, Active Directory (for Windows)

Supported SSH version



Backend database


PostgreSQL (bundled with the product)




Supported protocols


RSA (1024/2048/4096 bit) and DSA (1024 bit)

Editions & Licensing

Evaluation Free Standard

Manage upto 50 keys*

Valid for 30-days. Automatically turns into free edition at the end of the trial.

  • Valid forever
  • Manage upto 5 keys*
  • Licensing is based on the number of managed keys*

The term 'Keys' refers to the number of SSH private keys plus SSL certificates plus any other digital key being managed.