Security
December 19, 2017 By Carmel Schindelhaim 4 min read

Introducing IBM Cloud Certificate Manager – Manage SSL/TLS Certificates for your apps

Introducing IBM Cloud Certificate Manager

We are excited to announce IBM Cloud Certificate Manager in Beta, a service to help you manage SSL/TLS certificates for your apps and services! Certificate Manager provides you with a secure repository to store your certificates and their associated private keys, and gives you tools to manage the life-cycle of certificates, so that you can continually secure your apps with HTTPS.

What is HTTPS?

Let’s say you are buying a book online and asked to enter your credit card number at checkout. How do you know that you are submitting your payment info to a legitimate website? And more than that – how can you be sure that an eavesdropper on your wi-fi network can’t steal it? HTTPS provides that protection. When you connect to an HTTPS secured site, your browser will verify that the website you are communicating with is legitimate by checking that website’s SSL/TLS certificate. Once verified, data sent between your browser and the website will be encrypted, so that no eavesdropper can read it. You’ll recognize sites that have HTTPS enabled by the green lock icon displayed in the address bar.

How do you get an SSL/TLS certificate?

SSL/TLS certificates are issued to a specific domain or sub-domains by certificate authorities, also known as CAs. A certificate authority does the due diligence to make sure that at minimum you are responsible for the domain, and that you are a reputable organization. They then issue a certificate that is digitally signed, allowing your browser to verify that it was issued by a legitimate CA. Browsers come with a pre-built set of root certificates they trust. In practice, root certificates are not used to sign end certificates because the private key of the root certificate must be protected. Instead, a chain of intermediate certificates is typically used between the end certificate and the root, and that chain is verified by the browser.

What do you do with your SSL/TLS Certificate?

Once you get a certificate, you are responsible for installing it on your system. The certificate you get is valid only for a period of time, so you are also responsible for renewing the certificate every time before it expires. This is really important, since expired certificates can cause service disruptions. Throughout your usage of certificates, you’ll want to protect their associated private keys. Stolen keys can mean compromised data, so you’ll need good governance of access to certificates. Sometimes certificates need to be rekeyed or replaced to meet new security or compliance requirements that your organization has, so you need visibility into which certificates are used where, and a way to easily identify certificates that need to be replaced. Finally, you’ll want an easy and secure way to deploy out your certificates to services that do SSL/TLS termination in a cloud environment, like your application load balancer.

IBM Cloud Certificate Manager

IBM Cloud Certificate Manager simplifies a lot of the tasks of certificate management. With Certificate Manager, you get a secure repository to store and centrally manage your certificates. When you upload a certificate that you obtained for your custom domain from a certificate authority, Certificate Manager will store it in an encrypted repository, and you get a central view of all your certificates and where they are in use. When you want to deploy your certificate, use the Certificate Manager API or console to retrieve your certificate. Certificate Manager helps you keep track of when your certificates are going to expire, so that you’ll remember to renew them on time. Certificate Manager is also integrated with IBM Cloud IAM, so you can control access to certificates with IAM policies, and with IBM Cloud Activity Tracker, so you can audit certificate usage and management activities.

We’d love to hear your feedback!

Certificate Manager is available now in the US-South region, and is free to use. This is the first step we are taking to help you easily and securely manage certificates, and enable HTTPS for your cloud based apps. We’d love to hear from you with feedback and questions. Get help for technical questions at Stack Overflow, with the ‘ibm-certificate-manager’ tag, or for non technical questions at IBM developerworks with the ‘ibm-certificate-manager’ tag. For defect or support needs, use the support section in the IBM Cloud menu.

To get started with Certificate Manager, check it out in the IBM Cloud catalog!.

Carmel Schindelhaim
Offering Manager

More from Security
December 4, 2023

How financial institutions can deliver value from investment in digital operational resilience

2 min read - The Digital Operational Resilience Act (DORA) is a landmark piece of legislation in the European Union (EU) that is designed to help fortify the operational resilience of the financial sector, making it fit for purpose in the digital age. DORA has several objectives, including to comprehensively address information and communications technology (ICT) risk management in the financial services sector and harmonize the ICT risk management regulations that already exist in individual EU member states. Building the requisite level of digital…

December 1, 2023

Supercharge security operations: How to unlock analysts’ productivity

6 min read - Security analysts are all too familiar with the challenges of alert fatigue, swivel chair type of analysis, and "ghost chasing" spurred by false positives. Facing massive volumes of data coming from an expanding digital footprint and attack surfaces across hybrid multi-cloud environments, they must quickly discern real threats from all the noise without getting derailed by stale intelligence. Many organizations have to juggle dozens of security tools, which creates scattered, contextless information that often weakens the foundational triad of cybersecurity:…

November 30, 2023

Rallying troops against cybercrime with QRadar SIEM

5 min read - Cybersecurity is everyone’s business—as it should be, given the staggering surge in cyberattacks. Today, these attacks exhibit an unprecedented level of frequency, ingenuity and speed. The cyberthreat landscape is evolving and countries such as India are facing an alarming rate of increase in cyberattacks (Q2 of 2023 saw a 90% increase). Driven by accelerated hybrid cloud adoption and digital transformation efforts, the region is currently a beacon of innovation and a battleground for cyberthreats. This is creating more attack opportunities…

November 20, 2023

IBM Named a Leader in 2023 Gartner® Magic Quadrant™ for Access Management

3 min read - We are thrilled to share that IBM is named a Leader in the most recent Gartner® Magic Quadrant™ for Access Management. IBM is recognized for its Ability to Execute and Completeness of Vision. As a team, we’ve been working hard to deliver on a roadmap of identity and access management capabilities that we believe solve the biggest challenges organizations are facing when it comes to managing identities in today’s dispersed, hybrid cloud environments. Ultimately, our vision is to provide the right…

IBM Newsletters

 Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters