Best Practices for certificate management

Posted on 2011-10-28
Last Modified: 2012-05-12
I was wondering if people could share how their companies manage their SSL certificates?

When companies  have a large number of certificates  what methods do they use to store the certificates and keys in a safe and secure manner? What policies do you put in place to protect the certificates?
I’ve seen a couple products on the market for this but the prices are expensive. Most cost more for the management than the actual certificate per year.

Just looking for some insight.
Question by:jbla9028
    LVL 17

    Accepted Solution

    We're using WebCert for creating and managing certificates ... might not be the most feature-rich tool, but covers our requirements ... very easy to use, too ...
    As for safe/secure - if you want to make sure there's no abuse (do I need to mention "DigiNotar"?), install it on a machine that's not networked, and possibly keep all the data on a crypted partition that's only mounted when you actually need to do any signing ...
    LVL 1

    Author Closing Comment

    This seems like a good start. Thank you.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
    Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now