Enterprise PKI Manager
New
Managed Automation - Sensor
With this release we are introducing a set of automation functionality that allows administrators to discover and automate certificate lifecycle on a variety of appliances and cloud platforms. this release is focused on enabling the following features for certificate lifecycle management:
DigiCert ONE Sensor software
DigiCert ONE Sensor is now available as a docker container. One or more sensors can be deployed within the customer environment to manage discovery and automation tasks without changing network configurations. Sensors act as workers executing tasks initiated by Enterprise PKI Manager.
Adding and Managing Sensor connections
Administrators can add one or more sensor connections, connecting to appliances including F5 BIG-IP LTM, Citrix ADC, A10 or Cloud platforms including AWS to manage certificate lifecycle on these environments.
With load-balancers, administrators can automate discovery and end-end enrollment and installation of certificates.
With AWS Administrators can automate lifecycle management of DigiCert certificates within AWS Certificate Manager (ACM) and provision them to AWS Application and Network load balancers. This integration also allows users to automate certificate management for AWS Cloudfront from within the Enterprise PKI Manager
Enhanced views
With the automation features we are enhancing the existing certificate views in Enterprise PKI manager to add:
All certificates view: Additional columns, filters and action are available when automation feature is enabled
Managed Automation view: a new default view focused on certificates discovered from configured sensor connections.
Unsecured view : a new default view added to list all unsecured sites found on configured sensor connections.
Automation Actions
Administrators can trigger automated enrollment, renewal and reissue of certificates from within Enterprise PKI views. This feature automates certificate lifecycle from CSR generation to installation all with a few click from within the Enterprise PKI Manager.
Issuing CA
This feature supports issuing certificates from CertCentral and CA Manager in DigiCert One.
Enhancements
Profile wizard
Re-label the "Send notification to" checkbox inside email templates in Email & Notifications profile step to “Send email notifications”.
For profiles created from the External Private CA template, removed the ordering arrows for the SubjectDN fields since CA ordering of fields is only supported for end-entity certificates (not CA certificates).
Automatically redirect the user to the Profile Details page after creating/updating a profile where dynamically generated data such as the profile GUID can be fetched for onward integrations.
Audit log
Improved the performance of fetching audit logs as a System Admins by forcing the use of the global account selector, instead of retrieving audit log events for all accounts.
Dashboard Updates
New general dashboard widget:
Expiring Certificates widget: shows certificates that are due to expire within pre-defined time slots (Last 30 days, 0-7 days, 8-30 days, 31-60 days, 61-90 days)
New automation-related dashboard widget:
Integrations widget: shows status of sensors and sensor connections to highlight any configuration issues that need attention.