Organizations follow different processes for obtaining and deploying SSL certificates. Some organizations have centralized controls and handle all creation, deployment and renewals. However, it is not uncommon to see organizations following a decentralized process where users are allowed to create Certificate Signing Requests and obtain certificates independently.
Irrespective of centralized or decentralized creation processes, organizations need complete visibility over all the certificates being used in the organization. Without any visibility over the certificates and their details, administrators can neither organize nor manage them. Manual processes to achieve such visibility and continuously maintaining it are cumbersome and error-prone.
Administrators must be provisioned with an automated method to discover all SSL certificates in the network, regardless of the CA (Certificate Authority). All these certificates, with their details, must be stored centrally, to enhance visibility. This helps prevent the use of invalid or rogue certificates in the network.
Key Manager Plus helps you deal with these issues by allowing you to automatically scan and discover all SSL certificates in your network, regardless of the CA, including those that are self-signed. The discovery process can also be scheduled to occur periodically, to update the repository with the certificates that are further added to the network. The certificate files, or those available in the keystore can also be directly imported to Key Manager Plus, saving your time. Thus, using Key Manager Plus, the administrators can gain complete visibility over the SSL environment, and thereby locate and remediate any rogue or invalid certificates that are active in the network.