Managing a Secure Socket Layer (SSL) environment can be daunting when organisations use a large number of SSL certificates issued by different vendors with varying validity periods. On the other hand, SSL certificates left unmonitored and unmanaged could expire; or rogue/invalid certificates could be used. Both scenarios could lead to service downtime or display of error messages that would destroy customer trust in data security, and in extreme cases even result in security breaches. Key Manager Plus simplifies and automates SSL certificate management and helps overcome these issues. "Managing SSL certificates is often the most overlooked function by IT organisations until a disaster strikes, like the use of an outdated cipher bringing reputation and financial loss to enterprises,” said Rajesh Ganesan, director of product management at ManageEngine. “Now, Key Manager Plus helps IT teams prepare for and prevent disasters by automating critical key management functions. While the market is abound with tools serving very specific key management needs, it is hard to find a complete solution that manages all types of digital keys. Key Manager Plus fills that void with a one-stop solution for managing all digital identities."
Visibility and Control Over SSL Deployment
Key Manager Plus enables centralised management and visibility over the SSL certificates across the network. Highlights of the new release include:
· Discovery: Discovers all SSL certificates deployed in the network, irrespective of the issuing certificate authority (CA), including self-signed ones.
· Centralised inventory: Consolidates all discovered certificates and stores them in a secure, centralised repository for easy access and management.
· Track certificate details: Tracks all certificate information, including name of the CA, date of issue, encryption algorithm, key length and other vital details.
· Control certificate signing requests (CSRs): Centrally controls new CSR process. Handles key-pair creation process, and provides ready-to-use CSR data files to be sent to the CA for getting new certificates.
· Expiration alerts: Tracks certificate validity and sends alerts about the certificates that are about to expire. Generates reports on expiry status of certificates.
· Flag SHA-1 certificates: Identifies certificates that use SHA-1 hashing function (which is found to be weak), prompting administrators to revoke the certificates and create new ones.
· Ensure compliance: Ensures that the encryption algorithms and underlying key lengths comply with various industry regulations.
With the latest enhancements to Key Manager Plus, the privileged identity management suite from ManageEngine gives users the tools needed to consolidate, control, manage, monitor and audit the entire life cycle of all types of privileged identities - passwords, SSH keys and SSL certificates alike. The suite also includes Password Manager Pro, the company's privileged password manager for enterprises that need privileged account management, remote access management and session management.