Maintaining a threat-free network requires much more than just securing your domains with SSL certificates. For organizations that deal with a large SSL environment, the process of purchasing, deploying and renewing SSL certificates often proves to be cumbersome, time-consuming and has hardly been straightforward. Oversight, manual errors, improper configuration, weak ciphers, and expiration often lead to downtimes, compliance issues and security breaches.
Key Manager Plus ensures complete management of certificate life-cycles for public facing websites by integrating with Let's Encrypt, the open Certificate Authority. A certificate request to Let's Encrypt is raised following the creation of a private-public key pair. After handling the verification challenges, the procured certificates are deployed onto the respective domain servers directly from the product interface. Key Manager Plus consolidates the certificates and facilitates timely renewal on expiry.
The following flow diagram briefly explains certificate life cycle management workflow:
Step 1: Request certificate
Raise a certificate request using Key Manager Plus' certificate request tool.
(Note: You can request certificates only for public domains using this feature)
Step 2: Get certificate
Key Manager Plus takes the request forward to Let's Encrypt CA. Let's Encrypt issues the certificate after verifying your domain through a set of challenges.
Step 3: Verification
On receiving the request, Let's Encrypt issues a set of challenges to verify your ownership of the domain. Key Manager Plus automates domain verification by fulfilling these challenges. After domain verification, Let's Encrypt issues the certificate which gets added to Key Manager Plus' certificate repository.
Step 4: Deploy certificate
Centralize deployment of acquired certificates to corresponding domain servers, automate certificate renewals and track them for expiry from Key Manager Plus interface.
Check out this video to learn how you can enforce automation on managing certificate life cycles (request, acquire, deploy, track and renew) for your public facing websites by leveraging Key Manager Plus' integration with Let's Encrypt CA.
Key Manager Plus is integrated with ManageEngine’s Password Manager Pro, to provide unified privileged identity management platform.
ManageEngine’s Key Manager Plus enables us to stay on top of SSL certificates for all of our websites. With Key Manager Plus, we’re able to monitor which certificates are nearing expiration and roll out new certificates in a timely manner.Ken Odibe Senior cloud infrastructure consultant, Sapphire systems.