Getting started with CERT+

AppViewX CERT+ CLM

AppViewX’s CERT+ CLM provides extensive visibility into the certificate and encryption key infrastructure. It helps to protect the enterprise from security threats and outages due to the unavailability of service and expired certificates. The PKI and Application teams can self-service through automation, which delivers compliance and true business agility.

Key Features of the CERT+:

  • Certificate Discovery

  • Inventory and Management

  • Dashboard for Visibility and Monitoring

  • Certificate Actions for Enrollment and Provisioning

  • Alerts & Logs

  • Groups & Policies

  • Administration

Certificate Discovery

An administrator can leverage CERT+ capabilities to identify certificates through various modes of discovery such as scanning a network to fetch certificates from AppViewX managed servers, devices, or certificates.

Inventory and Management

AppViewX Certificate Inventory is a repository of all the certificates discovered, uploaded, or enrolled via AppViewX. An administrator of the platform can configure role-based access control to an inventory of certificates through Certificate Groups.

Dashboard for Visibility and Monitoring

The dashboard is AppViewX's way of representing all the information about the certificates and certificate Hosting infrastructure. Users can leverage it to gain visibility into the PKI infrastructure and monitor for expiring certificates or compromises to the security posture of the organization. Users are capable of configuring custom widgets providing business-specific views into the Certificate infrastructure.

Certificate Actions for Enrollment and Provisioning

Certification Enrollment allows users to generate CSR, get a CSR signed by a CA, renew or regenerate a certificate, reissue certificate while Certificate Provisioning pushes a certificate to the device, and bind it to the application configurations.

Additional management actions to revoke a certificate, migrate certificates from one CA to another through CA switch, check for revocation status of a certificate using OCSP and SSL checker to validate the deployment of a certificate can also be leveraged by a user.

Alerts & Logs

CERT+ platform alerts you about the certificate expiring within a user-configured time and stores the information about events that have occurred or performed by a user for the certificate lifecycle management. The platform offers additional Alerts which monitor changes to the availability of a certificate on an endpoint. It avoids the unexpected expiration of certificates with alerts and notifications to save time and secure the enterprise network.

Groups & Policies

The certificates generated/discovered in the CERT+ platform can be logically grouped together for ease of management. All the certificate actions on a specific group can be restricted via role-based access control (RBAC). The platform comes prebuilt with a Default group to which all the certificates identified from Managed devices are associated. Groups are similar to a folder that stores the number of certificates with similar components.

The policy is a set of rules that can be enforced on a Certificate Group. A defined set of certificate parameters can be created as policies. This helps in enforcing security compliance over certificate creation across the organization. All the certificates discovered and inventoried are compared against the policy to identify non-compliance.

Administration

This feature helps in administrative activities such as saving a certificate Keystore password into password vault, configuring auto-enrollment, certificate authority, device management, certificate profile, programmable certificate authority, programmable application endpoint, job scheduler, certificate attributes, email settings, and actions on an expired certificate and history of the certificate.

CLM Automation

Certificate automation enables you to automate the certificate lifecycle process across your enterprise through a configurable workflow engine. The platform allows to automate and orchestrate not just CLM actions above but also configure change and process automation defined by the organization processes.