A leading commercial SSL Certificate Authority, providing web security and identity solutions worldwide, was looking for a partner to help with Integrating Client’s Certificate Management platform with some of the most popular DevOps tools to provide IT teams with a comprehensive PKI (Public Key Infrastructure) solution for DevOps.
To integrate client's Certificate Management Platform with industry-leading DevOps tools that would provide their end clients with strong DevOps powered Public Key Infrastructure (PKI) solution.
AWS Services: Ec2, S3, IAM, Route 53, VPC
DevOps Tools: Docker, Terraform, Salt Stack, Kubernetes, Chef, Puppet, CI,CD - GIT, Jenkins
Scripting: Python, GO Lang, Groovy, Bash, Ruby, Jinja Templating
OS Supported: Linux, Windows
Trianz conducted an assessment and along with the client, initiated execution of the following integration initiatives:
Enabling Certificates Issuance Support for SSL and Client
Enrolling user definition for all the parameters related to the generation of KEY, CSR and the CERTIFICATE
Enabling RSA 2048, 3072, and 4096-bit private key generation formats
Generating all the required files for Certificate Enrolment
Supporting both the generation of new SSL/CLIENT certificates and the use of existing certificates and other files stored in a location accessible to the DevOps tool being used.
Enabling auto-Renewal of Certificates along with checking the validity of a certificate and auto-renewing it if the certificate is expired or is in the expiry window configured by the user.
Replacing the existing certificate with a new and the custom CSR parameters or domain names modified, if any.
Enabling auto-configuration of the KEY generated and SSL Certificates for NGINX / Apache
Docker engine setup and other services
Creation of Docker Files, Docker Images and the Containers
Creation of the Entry point script with business logic to manage the entire Certificate Life cycle
Enabled Terraform setup
Creation of Terraform Provider and the GoCert Plugin that handles API calls
Creation of the Go library and scripts with business logic to manage the entire Certificate Lifecycle
Setting up the Salt Master and the Minions
Creation of the python scripts and modules with business logic to manage the entire Certificate Lifecycle
Due to these Integrations, the Client was able to provide seamless solutions for the enrollment, collection, renewal, replacement, and revocation of SSL/TLS and CLIENT certificates issued by the Client’s Certificate Manager.
By providing solutions for different DevOps tools, the end user does not have to migrate their existing environment to a specific DevOps tool but instead can integrate their existing setup with any of the solutions available.
Contact Us Today
Let’s Talk
x