SSL Certificate Management Problem
An IT system that had been running without any hiccups suddenly came down to halt, and it turned out to be an expired SSL certificate on one server. This kind of failure could happen to any IT system if there is no appropriate certificate management system in place. If you have growing number of server certificates you are probably facing the following challenges.
Server Certificates : Challenges for IT Managers
- Steps for generating private key / CSR too complex and error-prone.
- Steps for installing server certificate/key too complex and error-prone.
- Storage for private keys,passwords, certificates, purchase history, deploy history are not well managed or backed up.
Server Certificates : Challenges for IT Executives
- How to combat risks of system failures related to server certificates?
- Are expirations of various certificates scattered in company under our management ?
- Note it’s not only commercial certificates but also privately generated ones within the company.
- How can we optimze cost for purchasing increasing number of certificates?
Server Certificate Manager will address the challenges
Server Certificate Manager will realize the following
1) Acquire
|
With single click, generates private key and CSR |
2) Install
|
Automates installation of certificate and key to target servers |
3) Monitor / Discover
|
Monitors installed certificates. Also discovers unmanaged certificates used in server network |
4) Notify
|
Notifies statuses of certificate acquisition and deployment processes
|
Record/Retain
|
Records all certificates, keys and histories of acquisition/deployment/monitor |
Benefits
- Reduce operational cost by minimizing work of server engineers and bringing all control on server certificates to certificate administrators.
- Reduce security and availability risks for system failures by eliminating server certificate that are expired, mis-configured or non-compliant with company policies.
- Optimize costs for acquiring certificates by strategically planning certificate procurement, e.g., you could switch to the builtin private CA for some class of uses and to a lower-cost CA for others, or consolidate all certificates on a single CA thereby obtaining volume discount.
| Screen shot: in deployment process | Screen shot: Certificate status list |
 |
 |
System Requirements (as of 2010/2)
- Supported Platforms: Windows XP, Windows Server 2003, Windows Server 2008
- Supported Target Servers: IIS, Exchange2007,JKS-generic, Apache/Linux, VMware ESXi and vCenter, other OSS servers.
(See release notes for complete list).
Other SSL-enabled server applications (manual certificate installation)
Product Information
- Two-page product leaflet (letter size), VMware solution leaflet
- Technical white paper - Product Overview.
- Product documentation is available from Download page.
- The beta version was reviewed by SSLShopper.com.
- New: Release Candidate version with new Certificate Discovery feature is now available for download. The latest version also includes checks for SSL/TLS renegotiation vulnerability of servers. Please see this page for details.
- Test Report with Ubuntu Server 9.04
- Part 1: Planning for Acquiring and Deploying Certificates : PDF
- Part 2: Configuring SSL on Server : (In translation)
- Part 3: Defining Certificate Specs and Obtaining Certificates : (In translation)
- Part 4: Deploying and Monitoring Certificates : (In translation)
- Part 5: Best Practices for Security and Operations : (In translation)
Product Editions
- Server Certificate Manager Basic Edition
Offered as a freeware. Can manage up to five server certificates.
- Server Certificate Manager Standard Edition
There is no limit on number of certificates managed. - Other Customizations, etc
We can customize the software to suit your needs, such as automating enrollment with a specific CA whose products you are reselling. Please contact Kousec Software for details.
Inquiry
Please contact us.