End-to-end SSL/TLS certificate life cycle automation
July 3002:00pm HKT | 11:00am GMT | 10:00am PDT
In this episode we will walk you through the end-to-end SSL/TLS certificate life cycle automation of ManageEngine PAM360 and Key Manager Plus. We'll focus on the full loop that runs from discovering every certificate across your environment through renewing it and deploying it onto the right server. The timing, with the 47-day certificate mandate approaching, makes the transition to automated certificate life cycle management especially urgent.
We’ll also address extending this same efficiency to the rest of your machine identities: the SSH keys spread across your servers, the TLS secrets held in Azure Key Vault, and the registered application secrets your Azure integrations depend on. Each of these requires the same discovery, tracking, and renewal you apply to your certificates.
What you'll learn in this episode
SSL/TLS certificate discovery and inventory
Scan your networks, endpoints, and certificate authorities to build a single, continuously updated inventory of every SSL/TLS certificate in your environment, including the ones provisioned outside central IT and never recorded anywhere.
Renewal and post-deployment automation
Run the full certificate life cycle from issuance through renewal. Once a certificate renews, post-deployment automation pushes the new certificate onto the right server and performs the necessary service restarts and script executions. This ensures the renewal finishes end-to-end instead of stalling at the deployment step.
Public and private CA support
Connect to every major public CA and any CA that supports the ACME protocol, manage internal certificates through Microsoft CA, and operate your own private and intermediate CAs within the platform. This enables issuance, renewal, and deployment run from a single console no matter which CA signed the certificate.
Expiry monitoring and proactive alerts
Track expiration dates across the entire inventory, with dashboards and alerts that reach the responsible team well before a certificate is due. With this action, expiry alerts stop avoidable outages even for certificates and servers where automation isn't possible.
Azure Key Vault and registered application secrets
Connect to Azure and bring the TLS secrets held in your key vaults into the same inventory as the rest of your certificates. Create new ones, and deploy them back to the vault, while keeping the registered application secrets your Azure integrations depend on tracked alongside them rather than expiring without warning.
Vulnerability detection and reporting
Periodically scan the servers your certificates are deployed on for known SSL/TLS vulnerabilities, including Heartbleed and POODLE, alongside weak cipher suites. Deprecated protocols such as SSL 3.0, and revoked certificates caught through CRL and OCSP, can also be identified through these scans so flagged certificates and server configurations reach the teams that need to act on them.
SSH key discovery and management
Bring the SSH keys spread across your servers and endpoints into the same managed inventory, rotate them on a schedule, and eliminate the orphaned and duplicated keys behind key sprawl before they become unmonitored paths into critical systems.
Reserve your spot, it's free!
Join our product experts live as they walk you through the product, feature-by-feature.
close
Claim your $25 gift card by reviewing us on Gartner® Peer Insights, Gartner's peer-driven review platform.
The masterclass sessions are organized for the second or third week of every month. View previous episodes here:
Episode 1 Completed
Privileged account and session management.
Watch now
Episode 2 Completed
Least privilege access
Watch now
About the series
What is the PAM Masterclass?
The PAM Masterclass is ManageEngine's annual training series designed to walk users through every core module of PAM360, our unified privileged access management platform. Sessions are structured to be practical and hands-on, so you leave with real working knowledge, not just theory.
New to PAM360?
Just purchased the solution and still finding your footing? This Masterclass takes you through every core module in a clear, structured sequence, providing a reliable starting point for your PAM360 journey.
Need a quick refresher?
Even experienced administrators benefit from revisiting the platform. Each episode is focused and concise, so you can catch up on exactly what you need.
Evaluating PAM360?
See the platform in action before you commit. The Masterclass gives you a guided, real-world look at what PAM360 can do, straight from the team that built it.