December 19, 2017 By Carmel Schindelhaim 4 min read

Introducing IBM Cloud Certificate Manager – Manage SSL/TLS Certificates for your apps

Introducing IBM Cloud Certificate Manager

We are excited to announce IBM Cloud Certificate Manager in Beta, a service to help you manage SSL/TLS certificates for your apps and services! Certificate Manager provides you with a secure repository to store your certificates and their associated private keys, and gives you tools to manage the life-cycle of certificates, so that you can continually secure your apps with HTTPS.

What is HTTPS?

Let’s say you are buying a book online and asked to enter your credit card number at checkout. How do you know that you are submitting your payment info to a legitimate website? And more than that – how can you be sure that an eavesdropper on your wi-fi network can’t steal it? HTTPS provides that protection. When you connect to an HTTPS secured site, your browser will verify that the website you are communicating with is legitimate by checking that website’s SSL/TLS certificate. Once verified, data sent between your browser and the website will be encrypted, so that no eavesdropper can read it. You’ll recognize sites that have HTTPS enabled by the green lock icon displayed in the address bar.

How do you get an SSL/TLS certificate?

SSL/TLS certificates are issued to a specific domain or sub-domains by certificate authorities, also known as CAs. A certificate authority does the due diligence to make sure that at minimum you are responsible for the domain, and that you are a reputable organization. They then issue a certificate that is digitally signed, allowing your browser to verify that it was issued by a legitimate CA. Browsers come with a pre-built set of root certificates they trust. In practice, root certificates are not used to sign end certificates because the private key of the root certificate must be protected. Instead, a chain of intermediate certificates is typically used between the end certificate and the root, and that chain is verified by the browser.

What do you do with your SSL/TLS Certificate?

Once you get a certificate, you are responsible for installing it on your system. The certificate you get is valid only for a period of time, so you are also responsible for renewing the certificate every time before it expires. This is really important, since expired certificates can cause service disruptions. Throughout your usage of certificates, you’ll want to protect their associated private keys. Stolen keys can mean compromised data, so you’ll need good governance of access to certificates. Sometimes certificates need to be rekeyed or replaced to meet new security or compliance requirements that your organization has, so you need visibility into which certificates are used where, and a way to easily identify certificates that need to be replaced. Finally, you’ll want an easy and secure way to deploy out your certificates to services that do SSL/TLS termination in a cloud environment, like your application load balancer.

IBM Cloud Certificate Manager

IBM Cloud Certificate Manager simplifies a lot of the tasks of certificate management. With Certificate Manager, you get a secure repository to store and centrally manage your certificates. When you upload a certificate that you obtained for your custom domain from a certificate authority, Certificate Manager will store it in an encrypted repository, and you get a central view of all your certificates and where they are in use. When you want to deploy your certificate, use the Certificate Manager API or console to retrieve your certificate. Certificate Manager helps you keep track of when your certificates are going to expire, so that you’ll remember to renew them on time. Certificate Manager is also integrated with IBM Cloud IAM, so you can control access to certificates with IAM policies, and with IBM Cloud Activity Tracker, so you can audit certificate usage and management activities.

We’d love to hear your feedback!

Certificate Manager is available now in the US-South region, and is free to use. This is the first step we are taking to help you easily and securely manage certificates, and enable HTTPS for your cloud based apps. We’d love to hear from you with feedback and questions. Get help for technical questions at Stack Overflow, with the ‘ibm-certificate-manager’ tag, or for non technical questions at IBM developerworks with the ‘ibm-certificate-manager’ tag. For defect or support needs, use the support section in the IBM Cloud menu.

To get started with Certificate Manager, check it out in the IBM Cloud catalog!.

Was this article helpful?
YesNo

More from Security

CIOs must prepare their organizations today for quantum-safe cryptography

7 min read - Quantum computers are emerging from the pure research phase and becoming useful tools. They are used across industries and organizations to explore the frontiers of challenges in healthcare and life sciences, high energy physics, materials development, optimization and sustainability. However, as quantum computers scale, they will also be able to solve certain hard mathematical problems on which today's public key cryptography relies. A future cryptographically relevant quantum computer (CRQC) might break globally used asymmetric cryptography algorithms that currently help ensure…

Addressing the cybersecurity skills gap with higher education

4 min read - As cyberattacks and security incidents continue to rise, the demand for skilled cybersecurity professionals in government and private sectors has reached unprecedented levels. The United States faces a critical challenge in defending its national security in the digital realm, highlighting the urgent need for a robust cyber workforce. On July 31, 2023, the White House published its National Cyber Workforce and Education Strategy and called upon public and private institutions and ecosystems to make it successful. Pillar Two of the strategy…

Fortressing the digital frontier: A comprehensive look at IBM Cloud network security services

6 min read - The cloud revolution has fundamentally transformed how businesses operate. Its superior scalability, agility and cost-effectiveness have made it the go-to platform for organizations of all sizes. However, this shift to the cloud has introduced a new landscape of ever-evolving security threats. Data breaches and cyberattacks continue to hit organizations, making robust cloud network security an absolute necessity. IBM®, a titan in the tech industry, recognizes this critical need, provides a comprehensive suite of tools and offers unmatched expertise to fortify…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters