KeyTalk expands with DigiCert, SCEP and Kubernetes support 09 May ‘21
KeyTalk CKMS news on latest developments
Many of our partners have been waiting anxiously for this for months, and last week they got it: the KeyTalk CKMS release 5.8.12 provides full support for DigiCert’s enterprise issuing platform.
This is also the last 5.x release, as we have been working on the new KeyTalk 6 platform in the background for several months. This platform will be available by the end of February. KeyTalk 6 is based on the most recent version of Unbuntu (20.04 LTS) and will, therefore be, our foundation for the next 5 years.
In addition to this fundamental development in the background, we are also working on two important new features to the platform: Support for SCEP and Kubernetes. The introduction of these functionalities will take place after the introduction of KeyTalk release 6, both in mid-March.
After GlobalSign, Microsoft CA and DigiCert-QuoVadis, DigiCert is the fourth CA where KeyTalk offers full auto enrolment support. This includes all DigiCert labels and all types of certificates;
- Geotrust TrueBusinessID OV
- Thawte SSL Webserver OV
- DigiCert Basic OV
- DigiCert Secure Site OV
- DigiCert Secure Site Pro SSL
- Geotrust TrueBusinessID EV
- Thawte SSL Webserver EV
- DigiCert Basic EV
- DigiCert Secure Site EV
- DigiCert Secure Site Pro EV SSL
- Class 1 S/Mime
- Class 2 S/MIME Premium
- DigiCert Private SSL
- DigiCert Private Multi-Domain SSL
- DigiCert Private SSL Wildcard
We will provide additional, detailed information on this in our next blog.
Simple Certificate Enrollment Protocol (SCEP)
The SCEP protocol has existed for more than 20 years. It is one of the first protocols intended for an easy, large-scale roll-out of digital certificates. Due to the absence of an authentication option in the protocol, KeyTalk waited a long time before supporting it. But more and more of our customers use MS Intune for their mobile device management, and issuing authentication certificates to MS Intune is only possible with SCEP. That is why we have changed our minds.
SCEP is used for deploying personal and machine authentication certificates, for server certificates, IoT certificates and certificates that are further distributed via MDM solutions such as MS Intune and MobileIron.
Kubernetes is an open-source container orchestration system that makes it possible to scale up and down a server or entire application environments very quickly. We see the use of Kubernetes increasing strongly among our customers in the hosting and financial sectors as well as among large corporate customers. To enable secure communication with applications running on a Kubernetes platform, automated certificate management (PKI) is a requirement.
Automated requesting, installing and configuring of private or public SSL certificates is not easy on a Kubernetes-based platform. This is mainly due to the possibility of starting and stopping servers as well as applications on this platform at lightning speed. Cert-manager.io has become the de facto open source solution for certificate management on this platform. KeyTalk has begun development of the interface to cert-manager.io, enabling users to combine the certificate management of KeyTalk and Cert-manager.io.
For any questions about this, please contact firstname.lastname@example.org directly.
The KeyTalk Team