Managing Certificates

Certificate Management is a one-stop solution that allows you to monitor and manage all the SSL (Secure Sockets Layer) certificates installed within an organization. This includes Application servers, Web servers, and Application Delivery Controllers (ADCs). The certificates and their keys are essential to identify the authenticity of a website and to encrypt the data sent to the server.

In AppViewX, Certificate Management provides the following capabilities:

  • Automatically discover the SSL certificates within the network of an organization.
  • Monitors the validity of all the SSL certificates and alert you through email or SNMP trap before the certificate expires.
  • Allows certificate management actions such as creating a new certificate, renewing certificates, and revoking certificates.
  • Role-Based Access Control (RBAC) allows you to create a customized role to perform selective actions on certificates.
  • Provides visibility of a holistic view of a certificate with complete information about the certificate.
  • Allows policy-driven compliance check and certificate enrolment action in a single console without manual intervention.
  • Ability to migrate to the recommended standards such as SHA-1 or SHA-2.

Certificate Lifecycle Automation using Visual Workflow

Workflow is used for selective restriction of work order approval and implementation with either Read or Read/Write permission. Based on the workflow associated, a user can Approve, Implement, Reject, or Discard a work order. Visual workflow allows the user to automate & orchestrate the certificate lifecycle. It provides the capability to define a custom business process based on the organization's needs. It allows for having a custom workflow approval process as part of the automation process. Users must be assigned with privileges to the workflow templates in a Certificate based on the role assigned.

AppViewX provides pre-built out of the box workflows to automate the certificate lifecycle process to perform:

  • Bulk_Cert_Renewal_Implementation
  • Cert_Generation_Implementation
  • Cert_Push_implementation
  • Cert_Renewal_Implementation
  • Cert_Revocation
  • Cert_Rollback_implement

The Certificate screen within the Inventory module allows you to perform the following inventory-related tasks for server and client certificates:

  • Discover a certificate
  • View certificate topologies
  • Add different kinds of connectors to client and server certificate topologies
  • Create a certificate
  • Push a certificate to a device
  • Renew a certificate
  • Reissue a certificate
  • Regenerate a certificate
  • Revoke a certificate
  • Rollback a certificate
  • Generate a CSR (server certificates only)
  • Submit a CSR to a Certificate Authority
  • Download a CSR for a certificate
  • Assign or unassign a group to a certificate
  • Change the status of a certificate
  • Upload a certificate
  • Download a certificate(server certificates only)
  • Export a certificate
  • Upload a certificate key
  • Download a certificate key
  • Configure certificate settings
  • Delete a certificate
  • Run SSL checker on a certificate(server certificates only)
  • Create a certificate group
  • View and edit the system settings for each of the server vendors
  • Configure a Programmable Certificate Authority

For Device certificates, you can perform the following tasks:

  • Export a certificate
  • Download a certificate
  • Renew a certificate
  • Reissue a certificate
  • Regenerate a certificate
  • Revoke a certificate
  • Delete a Certificate
  • Assign or unassign a group to a certificate
  • Create a certificate group

For Policy, you can perform the following two tasks:

  • Create a policy
  • Delete a policy

For Intermediate and Root certificates, you can only perform the following task:

  • Download a certificate