Announcements
Cloud
Security
September 24, 2021 By Alex Greer
Crystal Barragan
Pratheek Karnati
3 min read

We’re excited to announce that you can now use IBM Cloud Secrets Manager to order and centrally manage domain-validated TLS certificates from Let’s Encrypt.

In a previous article, we shared how IBM Cloud Secrets Manager made it easier to manage all of your application secrets — including TLS certificates — in a single place. Today, we’re excited to announce that you can now request TLS certificates from your trusted certificate authorities, while taking advantage of a powerful, single-tenant environment that provides data isolation and can scale to your needs. 

Automate your TLS certificates management

Critical in protecting your domains is being able to reliably generate and retrieve your encrypted certificates from a trusted certificate authority. In addition to the ability to import certificates and manage them, you can now directly order certificates from your own Let’s Encrypt account without having to leave Secrets Manager. Simply connect your account and tell us what you need; we’ll take it from there.

Features

  • Connect to supported CAs and DNS providers: Enable connections between a Secrets Manager instance and your existing CA and DNS providers. In this release, you can connect your Secrets Manager instance to Let’s Encrypt and order certificates for domains that you manage in IBM Cloud Internet Services or IBM Cloud classic infrastructure
  • Order and automatically renew certificates: Request domain-validated Let’s Encrypt certificates and enable automatic rotation so that your certificates never expire.
  • Define access with secret groups: Assign granular access to a group of certificates so that you can control who on your team, or which service ID, has access to them. 
  • Protect your certificates at rest: Manage encryption with a root key in IBM Key Protect or IBM Cloud Hyper Protect Crypto Services to enhance the security of your stored certificates and their private keys.
  • Monitor and audit activity: Track how users and applications interact with secrets in your instance by using IBM Cloud Activity Tracker.

When support for notifications becomes available in Q4 of 2021, we’ll let you know so that you can start planning the next phase of your team’s Secrets Manager-powered story. Stay tuned!

Ready to get started?

Start by provisioning an IBM Cloud Secrets Manager service instance in the IBM Cloud console. Because a dedicated instance of the service is provisioned, it can take a few minutes. While you wait, you can continue to work elsewhere in IBM Cloud, or you might consider learning more about the best practices for organizing secrets and assigning access.

If you’re working from an existing instance, you can go to Secrets engines > Public certificates to prepare your instance for certificate ordering. 

  1. Define the certificate authority and DNS provider that you want to use:
  2. Use your defined configurations to order a certificate:

Need help? Check out the IBM Cloud documentation for detailed information about using Secrets Manager to order certificates.

Questions? Contact us

We’d love to hear from you. To send feedback, you can open a GitHub issue from a link at the top of any page in the documentation, open a support ticket or reach out directly through email. 

If you’ve made it this far and have more questions about Secrets Manager, we’ve got you! Check out our introductory blog on Secrets Manager or take a look at the FAQs

Alex Greer
Product Manager, IBM Cloud Secrets Manager
Crystal Barragan
Technical Writer, Cloud Security Services
Pratheek Karnati
Architect, Cloud Security Services

More from Announcements
April 19, 2024

IBM Consulting augments expertise with AWS Competencies: A win-win for clients 

3 min read - In today's dynamic economic landscape, businesses demand continuous innovation and speed of execution. At IBM Consulting®, our unwavering focus on partnerships and shared commitment to delivering enterprise-level solutions to mutual clients have been core to our success.   We are thrilled to announce that IBM® has recently gained five competencies from Amazon Web Services (AWS) in vital domains including Cloud Operations, Internet of Things (IoT), Life Sciences, Mainframe Modernization, and Telecommunications. With these credentials, IBM further establishes its position as a…

April 18, 2024

Probable Root Cause: Accelerating incident remediation with causal AI 

5 min read - It has been proven time and time again that a business application’s outages are very costly. The estimated cost of an average downtime can run USD 50,000 to 500,000 per hour, and more as businesses are actively moving to digitization. The complexity of applications is growing as well, so Site Reliability Engineers (SREs) require hours—and sometimes days—to identify and resolve problems.   To alleviate this problem, we have introduced the new feature Probable Root Cause as part of Intelligent Incident…

April 11, 2024

Reflecting on IBM’s legacy of environmental innovation and leadership

4 min read - Upholding a legacy of more than 50 years of environmental responsibility through our company’s actions and commitments, IBM continues to be a leader in driving sustainability for our business, our communities and our clients—including a 34-year history of annual, public environmental reporting, which we continue today. As a hybrid cloud and artificial intelligence (AI) company, we believe that leveraging technology is key to unlocking impact, and it will play a substantial role in how society addresses, adapts to, and overcomes…

IBM Newsletters

 Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters