The client is an American food processing multinational corporation. They wanted to improve the manual tracking and management of certificates to reduced unplanned security outages.
Infosys helped them to improve productivity and save efforts by automating the renewal of digital certificates.
Key Challenges
- Manual tracking and management of SSL keys and certificates
- Unplanned certificate-related outages causing business disruption
- Lack of notification and alert to the certificate owners on expiry
- Undefined processes to manage the renewal and expiration of certificates
The Solution
Standardized and advanced processes to manage certificates
- Designed and implemented SaaS Keyfactor PKI tool for issuance of digital certificates
- Established and implemented public trusted Certificate Authenticator (CA) called Entrust and AWS certificate cloud service to offer certificates to public facing sites
- Configured automatic renewal of certificates and enabled timely notification mechanism for certificate expiry
- Defined a simple process to generate certificate signing request for the application owners
- Streamlined a standard process for bulk certificate renewal
- Implemented Hashicorp Vault tool for certificate lifecycle management and key management for applications
Benefits
Certificate supervision made easy
Flexible and efficient tool to manage digital certificates by certificate owners
Improved reporting and notifications to ensure users have ample of time to renew certificates
Enhanced productivity and security by standardizing certificate renewal process
Reduced time from 3 weeks to 2 days for operational activities such as certificate monitoring and renewal
Automated 15000+ certificates for IIS, AWS and F5 load balancers to prevent certificate outages
Automatic certificate renewal workflow set up for 350 applications
Enhanced security of cryptographic keys
