At this level, organizations can continuously monitor key and certificate assets for improved inventory and risk mitigation. CyberArk Trust Protection Foundation monitors existing certificates and provides current information on the certificate status and lifecycle. When the certificate nears the end of its lifecycle, Trust Protection Foundation sends dynamically-generated expiration and escalation messages to certificate owners, consumers, and approvers.
At the monitoring level of certificate management, however, CyberArk Trust Protection Foundation does not renew the certificate. The administrator must manually create the CSR, send it to the certificate authority (CA), then retrieve and install the renewed certificate.
Once the certificate is manually installed, CyberArk Certificate Manager - Self-Hosted can validate the certificate is installed and properly configured.