SSL certificates form the backbone of secure communication between websites and browsers, which enterprises are progressively relying on to secure their in-house applications. From a best practice approach, organizations generally set up an on-premises certification authority (CA) and deploy SSL certificates issued by the local CA onto various applications and services within their network. Microsoft Certificate Authority is a widely used internal certification tool that receives and signs certificate requests as well as issues certificates within the network.
However, the chain of operations—certificate request, deployment to specific servers or applications, and periodic renewals—is not only labor-intensive, but also highly prone to errors when done on a large scale (e.g. for a large number of servers and applications). A centralized mechanism can streamline all these operations and automate certificate life cycle management.
Key Manager Plus, our web-based SSH key and SSL certificate management solution, centralizes and automates the acquisition, deployment, and renewal of certificates issued by Microsoft Certificate Authority. In a few simple steps, you can streamline certificate requests, acquire and save the certificates to Key Manager Plus' centralized certificate repository, deploy them onto required web servers, and automate certificate renewal based on your own schedule. Here's a quick glimpse of how it works:
To begin, you have to generate a Certificate Signing Request (CSR) that more or less acts like a blueprint for the SSL certificate that you are going to acquire from the Microsoft Certificate Authority. This is a simple process that requires providing some basic information about the certificate to be acquired and can be done from Key Manager Plus.
Once the certificate signing request is generated, Key Manager Plus automatically forwards the request to Microsoft Certificate Authority and adds the new certificate to your repository once it's signed. From there, you can track certificate usage and expiration.
From the certificate repository, you can deploy the certificate issued by Microsoft Certificate Authority to web servers and applications across your network.
With Key Manager Plus, you can automatically renew SSL certificates issued by the Microsoft Certificate Authority. Just create a scheduled task for certificate renewals and specify how often you'd like to renew your certificates.
For a hands-on experience, give the trial version of Key Manager Plus a shot. If you need any assistance, please write to us at keymanagerplus-support@manageengine.com.
Click here to download Key Manager Plus.
Key Manager Plus is integrated with ManageEngine’s Password Manager Pro, to provide unified privileged identity management platform.
ManageEngine’s Key Manager Plus enables us to stay on top of SSL certificates for all of our websites. With Key Manager Plus, we’re able to monitor which certificates are nearing expiration and roll out new certificates in a timely manner.Ken Odibe Senior cloud infrastructure consultant, Sapphire systems.