Wider DevOps needs sharper identity certificates
DevOps happened, right? So then, users (both Dev… and Ops) now find themselves in a place where they need to manage their digital identities inside increasingy connected systems. This much we can all agree on.
We also know that each user identity (again, both Dev… and Ops) will generally be governed by a certificate (or public key certificate) that governs ownership.
Further still, we know that Private PKI (Public Key Infrastructure) is an enterprise-branded Certificate Authority (CA) that functions like a publicly trusted CA, but runs exclusively for a single enterprise.
Commercial Certificate Authority provider Sectigo has pointed to a ‘widening world’ of DevOps (where many different platforms are potentially used) and suggests that this helps to validate its position as a provider of automated PKI management software.
The company has recently come to market with its Private PKI service for issuance and management of SSL certificates, private PKI and identity certificates for users, servers, devices and applications.
What this means is that Sectigo Private PKI enables users to augment or replace their Microsoft Active Directory Services (Microsoft CA) by managing non-Microsoft devices and applications, including mobile, Internet of Things (IoT), email, cloud and DevOps on one platform.
Outside the MSFT stack
“With the explosion of applications managed outside the Microsoft stack, Microsoft Active Directory Certificate Service no longer addresses all critical use cases. Sectigo Private PKI delivers a managed PKI solution to alleviate problems associated with establishing and managing internal PKI,” explained Lindsay Kent, VP of Product Management, Sectigo.
It’s true, Microsoft’s automatic certificate management allows IT administrators to instruct desktops and servers to enroll and renew certificates without employee involvement.
However, today’s enterprise has many applications that reside outside any Microsoft operating system, leaving administrators (and employees) with the burden of manually tracking, enrolling and renewing certificates and keys.
According to Sectigo, administrators can discover previously issued certificates and then issue, view, and manage all certificates from a single platform – avoiding the risks, errors, or hidden costs associated with manual installation and renewal.
“DevOps environments require high certificate volumes for the just-in-time needs of many computing processes that may live for just hours or minutes. Whether using self-signed CAs on Kubernetes clusters, issuing SSL/TLS certificates into Docker containers, or automating installation of public SSL certificates, today’s enterprises benefit from Sectigo’s ability to host secure offline roots for customer-premise subordinates embedded into DevOps tools,” said the company, in a press statement.
Free, but unworkable
Because of the difficulty of setting up a private CA, many enterprises turn to free public certificates. What often happens here is that they run up against unworkably low certificate volume caps.
Sectigo claims that its Certificate Manager (in conjunction with Automatic Certificate Management Environment (ACME)) can scale DevOps without such interference.
Private PKI use cases extend well beyond DevOps. The service supports all necessary certificate types in a single SaaS application, providing strong digital identity across the enterprise with the assurance of best-of-breed PKI practices and security.