SSL/TLS certificates are used to encrypt communication between various applications or between applications and clients. This encryption is an important part of system security in your company.
​
The CA/Browser Forum (Certification Authority/Browser Forum) specifies in the "Baseline Requirements" that certificates may not be valid for more than one year. It is therefore necessary to recognize in good time when certificates will expire and where they are in use in order to be able to proactively initiate the re-issuance and to renew the certificates in a targeted manner.
​
Is the security certificate of an applicationOnce expired, there may be restrictions or even interruptions in your business processes. Renewing SSL Certificates is a process whosen Completion takes some time and effort and can therefore lead to longer restrictions if recognized too late.
automatics takes these tasks over and offers a full lifecycle certificate management for all your ABAP, JAVA and Webdispatcher systems.
CERTIFICATE EXPIRY VALIDATION
Proactively and periodically check whether certificates are expiring or whether they have already expired. Certificates from all certificate stores (PSE & STRUST) of a SAP system are identified and checked against an expiry threshold. Notifications are triggered as soon as certificates are in a critical state.
Display of all relevant information for anewIssue and distribution of certificates:
-
CERTIFICATE STORE
-
SUBJECT
-
SUBJECTALTERNATIVE NAMES
-
EXPIRY DATE
-
EXHIBITOR
-
SERIAL NUMBER
-
PATH
DISTRIBUTION OF
CLIENT CERTIFICATES
With automatics, newly issued trusted certificates can be distributed easily and across all systems in your system landscape.
Certificates can be uploaded via bulk upload, read and made available automatically by a Windows CA/Microsoft PKI or via URLs/websites. Select your target system and decide for yourself whether the certificates should be redistributed to all systems or exchanged in a specific manner.
automatics takes care of importing the certificates into the respective certificate store and updating the STRUST.
DISTRIBUTION OF SERVER CERTIFICATES
Creation of Certificate Signing Requests (CSRs) based on existing PSE files and optional provision to the Certificate Authority (CA) service in order to obtain a signed certificate for your server certificates. Subsequent certificate renewal of the server PSE file with the CSR-generated certificates (X.509 certificates in PEM format), including the adoption of the affected trusted certificates.
Alternatively, the certificate renewal of the server PSE file can be carried out with PKCS #12 certificates, including the adoption of the affected trusted certificates.
A backup of the old PSE files and a possible rollback ensures that your PSE files are always in a secure state. The changes are automatically transferred to STRUST (ABAP) and activated.
Integrate your Windows CA/Microsoft PKI to fully automate this process.