One of the key aspects of GDPR is the need to protect data from unauthorised access. Consequently, encryption of data both at rest and in transit is paramount to achieving this goal.

One of the most common forms of encryption in transit, and one you are using right now, is the encryption applied when you browse any website over an HTTPS connection.

The SSL/TLS protocols used by your browser and the website encrypt the data between you and the server, using an SSL certificate to supply the public key for the encryption process.

Using SSL for public-facing websites is pretty much mandatory. In terms of SEO (search engine optimisation), Google penalises any site that doesn’t use SSL. With well over ¾ of all web traffic now using HTTPS (according to Google’s Transparency report), you’re going to be out in the cold if you don’t.


Poor Management of SSL Certificates

Managing certificates for web servers or other web services is very often a poorly understood and neglected area of IT infrastructure management.

Certificates are often seen as something that only affects the company’s own (main) website. This typically means their implementation is left to the developer of the website, who may be a third-party digital agency with little or no experience of certificates outside the web server scenario.

Increasingly, however, many other applications are being delivered through the user’s browser, and most of these now mandate HTTPS connections and thus need associated SSL certificates. Since many of these other applications need to be accessible to users outside the corporate network, these certificates also need to be publicly rooted, i.e. acquired from a well-known and trusted Certificate Authority (CA).

Letting certificates expire in either of these cases could have significant effects on the company’s ability to carry out business. Google Chrome and many other browsers now actively deny access in one way or another to non-SSL or badly implemented SSL enabled sites, preventing your users connecting to your website or applications.

Managing SSL Certificates the Right Way

Making sure that your web server certificates are working and up to date is now imperative. This means there is an ever-increasing need to manage certificates throughout their whole lifecycle, from initial procurement and deployment to renewal or revocation.

A good certificate management system will enable you to manage any key material: not only X.509 certificates but also SSH keys.
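As an added illustration of the renewal end of that lifecycle (example code, not part of the original article), the sketch below audits an inventory of certificates and ranks them by days left before expiry. The hostnames, the 30-day renewal window and the function names are assumptions; the sample inventory is constructed.

```python
import socket
import ssl
from datetime import datetime, timezone

RENEW_WINDOW_DAYS = 30  # assumed threshold; tune to your CA's lead time


def fetch_peer_cert(host, port=443, timeout=5.0):
    """Return the validated leaf certificate of host:port as a getpeercert() dict."""
    ctx = ssl.create_default_context()  # verifies the chain and the hostname
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


def days_remaining(cert, now):
    """Whole days until the certificate's notAfter (negative once expired)."""
    not_after = datetime.fromtimestamp(
        ssl.cert_time_to_seconds(cert["notAfter"]), tz=timezone.utc)
    return (not_after - now).days


def classify(cert, now, window=RENEW_WINDOW_DAYS):
    """EXPIRED, RENEW (inside the renewal window) or OK."""
    left = days_remaining(cert, now)
    if left < 0:
        return "EXPIRED"
    return "RENEW" if left <= window else "OK"


def audit(inventory, now=None):
    """inventory maps a service name to its certificate dict; most urgent first."""
    now = now or datetime.now(timezone.utc)
    rows = [(name, days_remaining(c, now), classify(c, now))
            for name, c in inventory.items()]
    return sorted(rows, key=lambda r: r[1])


# Constructed sample inventory in getpeercert() format (not real certificates).
SAMPLE = {
    "www.example.test": {"notAfter": "Mar  1 12:00:00 2025 GMT"},
    "vpn.example.test": {"notAfter": "Jan 20 12:00:00 2025 GMT"},
    "crm.example.test": {"notAfter": "Dec 31 23:59:59 2024 GMT"},
}

if __name__ == "__main__":
    fixed_now = datetime(2025, 1, 10, tzinfo=timezone.utc)
    for name, left, status in audit(SAMPLE, fixed_now):
        print(f"{status:8} {left:4d}d  {name}")
```

For live use, build the inventory with `fetch_peer_cert()` for each service you own; it fails the TLS handshake on an already expired or untrusted certificate, which is itself a finding to record.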

It should:

  • Support the procurement of certificates from a CA
  • Include the generation of the certificate requests (CSR)
  • Include the storage and deployment of the Private Key
  • Include the download and storage of the subsequent certificate itself

The best management platforms will enable you to fully automate this process, and they will also handle deployment of the certificates and the required keys to the web server or application server itself.
