Managing network certificates and private keys

Besides managing your certificate lifecycle, Venafi Trust Protection Platform provides extensive certificate and private key management features.

To acquire existing certificate and private key files, you can manually import certificate and private key files to Trust Protection Platform or you can allow Trust Protection Platform to extract certificates and private keys directly from managed applications. Once certificates and private keys are securely stored in the Trust Protection Platform database, you can install, or “push,” a certificate and private key to other servers in your network—or, if preferred, you can simply download the certificate and private key, then manually install them yourself.

Venafi Trust Protection Platform™ simplifies the process of managing digital certificates through their lifecycles. When a certificate is brought under management, Trust Protection Platform monitors the certificate and provides current information on the certificate status. When a certificate nears the end of its lifecycle, Trust Protection Platform provides notifications so you can renew and install the certificate before it expires.

If the certificate is configured for enrollment, Trust Protection Platform interfaces directly with CA to initiate certificate renewal and key generation requests according to organization-defined workflow and approved folders. After the CA signs the certificate, Trust Protection Platform retrieves the certificate and securely stores it in the Secret Store. The administrator can then download the certificate from the Secret Store and install it on the target system(s).

If the certificate is configured for Provisioning, Trust Protection Platform automatically requests, renews, and installs the certificate on its associated application(s), ensuring that the certificate is reliably deployed and managed.

Besides managing your certificate lifecycle, Trust Protection Platform also provides extensive certificate and private key management features. To acquire existing certificate and private key files, you can manually import certificate and private key files to the Trust Protection Platform database or you can allow Trust Protection Platform to extract certificates and private keys directly from managed applications. Once certificates and private keys are securely stored in the Trust Protection Platform database, you can install, or “push,” a certificate and private key to other servers in your network—or, if preferred, you can simply download the certificate and private key, then manually install them yourself.