Key Manager Plus
ManageEngine Key Manager Plus is a web-based key management solution that helps you consolidate, control, manage, monitor, and audit the entire life cycle of SSH (Secure Shell) keys and SSL (Secure Sockets Layer) certificates. To learn more about the features and functionalities of Key Manager Plus, click here.
Integration of Key Manager Plus with ServiceDesk Plus MSP allows you to automatically log requests based on the alerts raised in Key Manager Plus for certificate expiry or vulnerability. You can remotely deploy certificates, renew certificates, or perform vulnerability scan on certificates directly from ServiceDesk Plus MSP. Also, you can sync certificates from CMDB in ServiceDesk Plus MSP with Key Manager Plus.
Currently, the renewal of certificates is supported only for Self-signed certificates and Microsoft CA SSL certificates.
Configuring the Integration
Integration of Key Manager Plus with ServiceDesk Plus MSP requires a two-way configuration depending on the requirements. Configuring integration in ServiceDesk Plus MSP only allows you to access Key Manager Plus via a quick-link button. For enabling actions such as deployment, renewal, and scanning that can be performed directly from ServiceDesk Plus MSP, the integration must be configured in both applications.
Prerequisites
The integration of Key Manager Plus with ServiceDesk Plus MSP relies on auth tokens from Key Manager Plus and ServiceDesk Plus MSP. To obtain it, follow the steps below.
Obtaining Auth Token from Key Manager Plus
-
Log in to Key Manager Plus
-
Navigate to Settings > General Settings >API Key.
-
Select Enable for API Key Access and click Generate.
The generated API key serves as the Auth Token and it is user-dependent.
Obtaining Auth Token from ServiceDesk Plus MSP
-
Log in to ServiceDesk Plus MSP.
-
Click the user profile icon on the top-right and click Generate API Key.
-
In the popup that appears, select your preferred expiry status and click Generate.
The generated API key serves as the Auth Token and it is user-dependent.
Configuring the Integration in Key Manager Plus
For raising tickets in ServiceDesk Plus MSP
-
Go to Setting > Ticketing System.
-
Choose Enable under Ticketing Systems and select ServiceDesk Plus MSP under Help Desks.
-
Provide the Technician Key and Server URL as obtained from ServiceDesk Plus MSP.
-
Select the types of tickets that need to be logged in to ServiceDesk Plus MSP as required:
-
Create ticket for SSL certificate expiry
-
Create ticket for SSL vulnerabilities
-
Finally, click Save.
For enabling deployment, renewal, syncing, and scanning of certificates with ServiceDesk Plus MSP
-
Go to Settings > ServiceDesk Plus MSP.
-
Under the Server Configuration tab, provide the Technician Key and Server URL as obtained from ServiceDesk Plus MSP.
If you have already configured ServiceDesk Plus MSP in Ticketing Systems the same details will be used.
-
Navigate to the CMDB tab, select Enable for Certificates Sync and choose and configure the CI Type.
-
Create New CI Type
-
Provide CI Type and Parent CI Type.
-
Use Existing CI Type
-
Provide existing CI Type and click Fetch Attributes.
-
Map the certificate fields with CI attributes as required.
-
Finally, click Save.
Configuring the Integration in ServiceDesk Plus MSP
-
Go to Admin > Integrations > Key Manager Plus.
-
Provide KMP Hosted URL and Auth Token.
-
Configuring Actions (optional): To configure or edit the actions Deploy Certificate, Renew Certificate, and Scan Vulnerability, click the name of the action or the edit icon against it, and do the following.
-
Provide Action Name and Description.
-
Associate Roles: Choose any of the following as required.
All Roles - Select this to associate all roles with this action.
Select Roles - To associate specific roles, select this and add your preferred role using the combo box. -
Associate Roles: Choose any of the following as required.
All Templates - To associate all incident and service templates with this action
All Incident Templates - To associate all incident templates with this action.
All Service Templates- To associate all service templates with this action.
Select Templates - To associate specific templates, select this and choose your preferred incident or service templates from the multi-select picklist.
Click Update. -
Finally, click Save.
Make sure Enable Key Manager Plus menu has been checked for the menu to be shown to the technicians.
Deploy, Renew, and Scan Certificates
You can perform various actions namely deploy or renew certificates and scan vulnerabilities in certificates directly from ServiceDesk Plus MSP. These actions will be available under Custom Actions in the request details page of tickets logged in from Key Manager Plus.
Currently, the renewal of certificates is supported only for Self-signed certificates and Microsoft CA SSL certificates.