Key Manager Plus 6150 is now Available!

Key Manager Plus 6150 is now Available!

Hi all,

We are happy to announce the release of Key Manager Plus 6.1 (Build 6150). We'd like to take this opportunity to thank all our customers and users for their feedback and continued support.
  • New Feature
    • Support for SAML-based Single-Sign-On (SSO)
      Key Manager Plus integrates with federated identity management solutions to act as the SAML service provider and works with SAML identity providers to offer single sign-on. Through this feature, you can leverage a third-party SAML identity provider's authentication mechanism to access the Key Manager Plus interface without supplying your existing local authentication credentials for Key Manager Plus. Key Manager Plus supports several SAML SSO identity providers including, Okta, Azure SAML SSO, and AD FS.
    • New Tools Category Added:
      Key Manager Plus now comes with a 'Tools' category that will allow users to independently perform certificate conversion, SSL/CSR parsing, and vulnerability scanning without adding certificates into the Key Manager Plus repository.
      i. Certificate Signing Requests (CSR) and SSL Parser - The parser tool allows users to upload certificates or their contents directly to the interface and sort the attributes into a readable format.
      ii. Certificate Format Converter - The converter tool supports one-click conversion for a wide range of certificate formats.
      iii. Scan Vulnerabilities - The scanner tool allows users to scan any domain for vulnerabilities by entering the domain name and port directly. Unlike the SSL Vulnerability scan, this tool checks for vulnerabilities in any domain, without adding the certificate to the repository.
    • Certificates Synchronization Status Check
      From Key Manager Plus build 6150 onwards, Key Manager Plus allows you to perform regular checks on the synchronization status of SSL certificates deployed to multiple servers directly. Additionally, you can schedule the synchronization check and generate a 'Certificate Sync Status' report based on the results.
    • From build 6150, after certificate renewal, the expired certificate's details can be sent via email. Configure the required setting under 'Settings >> SSL >> Certificate Renewal'.
    • From build 6150, Key Manager Plus will display the hosted SSL certificate's CommonName, Serial number, and SyncStatus with the managed servers and include them in the 'Deployed Servers' report.
    • Earlier, scheduled tasks were performed only during the scheduled time. Now, from build 6150 onwards, scheduled tasks can be performed anytime by using the 'Execute' button available under the 'Schedules' tab.
    • From build 6150, KMP allows you to check the SyncStatus using Agent. For this to work, the agent should also be updated to version 6150.
    • From build 6000, certificates were managed based on their Serial Number. From build 6150, certificates having the same common name and different serial numbers can be grouped by enabling 'Managing Certificate History Settings' under 'SSL >> Certificate History'.
    • From build 6150, after certificate renewal, the old certificate will be listed under 'Certificate History'.
    • From build 6150, Key Manager Plus allows you to add additional properties to CSR while signing with root by using the 'Advanced Options' menu. It allows users to choose from a list of Key Usage and Advanced Key Usage properties, and add them to the new certificate. Examples for the Key Usage properties include; Digital Signature, Decipher Only, Encipher Only, and Certificate Sign.
    • From build 6150, Key Manager Plus allows you to import PGP keys created using third party tools.
    Bug Fixes
    • Earlier, certificate order creation for GoDaddy's 100 UCC SAN SSL certificates was failing. This issue is fixed now.
    • Earlier, while importing SSL certificates from the GoDaddy portal, Key Manager Plus failed to import some of the certificates. This issue is fixed now.
    • Earlier, when an MSCA certificate was discovered from a different domain, the 'MSCA' type certificate was changed to the type 'Domain', which caused the auto-renewal process to fail. This issue has been fixed now.
    Security Fixes
    • A path traversal vulnerability has been fixed.
Key Manager Plus 6.1 full download:
NOTE:  Installing the full 6150 build will uninstall your existing Key Manager Plus installation. If you are running the evaluation version and wish to evaluate the new version, save a ZIP of the entire existing KeyManager installation folder before installing the new version (in case you need data from the existing version).
Upgrade pack for existing customers:
Existing customers can download Key Manager Plus 6150 upgrade pack from the link below.
NOTEWe recommend copying the entire Key Manager Plus installation folder and pasting it in another location before installing the update, just in case something goes wrong with the Key Manager Plus upgrade. That way, all your settings are backed up as well. 

If MS SQL is configured as backend, then take a backup of the corresponding database too prior to the upgrade.

Upgrade pack instructions: 
Give Key Manager Plus 6150 a trial and feel free to drop your queries to
If you want a personalised demo of Key Manager Plus, fill-up the form here and we'll have our product experts get in touch with you right away.
Have a great day!

      New to ADSelfService Plus?