Discovery and Visibility

During any certificate expiry or revocation event, the hardest part of mitigating an outage is not identifying the certificate, but it is often locating it on-time. A certificate is often distributed across load balancers, firewalls, web servers, containers and multi-cloud environments and without proper visibility, a certificate-related outage becomes inevitable. With AppViewX, you can enhance the visibility and accuracy of your certificate infrastructure with minimal manual intervention.

Discover Unknown Certificates and Keys across Heterogeneous Environments

AppViewX’s smart discovery can help you perform a certificate discovery by two modes – Unauthenticated and Authenticated. In an Unauthenticated discovery, you can use an IP range, a subnet or an URL to identify the certificates available. But, to get a deeper understanding into each certificate and its various associations, the authenticated discovery scans each device securely (load balancer, firewall, web server, cloud or CA) to create an accurate picture of your certificate infrastructure. This discovery process can be customized with total pause-resume control to optimize network utilization. Post discovery, the certificates are processed using our rule engine to filter certificates that are most important to you.

Discover And Visibility Discover Unknown Certificates and Keys across Heterogeneous Environments
Discover And Visibility Group Certificates and Keys and Enforce Policy

Group Certificates and Keys and Enforce Policy

Not every certificate that is identified during a discovery needs to be managed individually. Certificates can be grouped based on your specific business use-case and necessary access restrictions can be applied before delegating it to your teams. These certificate groups can also be governed by policies that cover authorized CSR parameters and private key attributes. Each group follows a business workflow and any certificate-related issue can be remediated immediately through a well-defined escalation matrix.

Monitor Status, Get Notifications, and Renew Certificates Before Expiration

Post discovery, each certificate that is transferred to the built-in inventory has two modes of management – Monitored and Managed. The Monitored mode allows you to just monitor the status of a certificate, its various locations, expiration date and compliance. As the inventory is updated dynamically, continuous monitoring helps you flag any changes that affect a particular certificate-device association. Multiple users can be notified of a certificate-related issue at the same time. But a user will only be able to remediate an issue using the platform when the certificate is in Managed mode. In case of a certificate expiry, you can auto-renew certificates and also choose to provision it on to the end-devices automatically.

Discover And Visibility Monitor Status Get Notifications and Renew Certificates Before Expiration
Discover And Visibility Get a Holistic View of the Certificate including Chain of Trust and Where Installed

Get a Holistic View of the Certificate, including Chain of Trust and Where Installed

Our holistic view is a patented, graphical representation of a single certificate, its various device associations and chain of trust. Any certificate lifecycle related activity such as renewal, revocation, download and provisioning can be performed from the same screen with necessary business workflows. The certificate chain of trust representation within the holistic view helps you validate your root and intermediate certificates for compliance. The view also has proper legends to quickly identify the connection status to each device and its association with a certificate’s key.


30-Minute Live CERT+ Demo

Thursdays 02:00 pm ET / 11:00 am PT


Know More About Our Certificate Lifecycle Automation Solution