Key Manager Plus 7000 (Major) (Nov 2024)

New Feature

• emSign CA Integration
  
  Key Manager Plus now integrates with emSign Certificate Authority (powered by eMudhra), a leading provider of SSL/TLS certificates and digital identity solutions. With this integration, users can seamlessly request, acquire, import, deploy, and revoke emSign-issued certificates directly through the Key Manager Plus interface. This enhances the certificate lifecycle management process by providing a centralized platform for managing all emSign certificates, improving efficiency and reducing the risk of certificate-related outages.
  
  Explore this feature from the Integrations >> emSign section for comprehensive management options.
  

Enriched User Interface

• Key Manager Plus now features a completely revamped user interface, designed to provide a modern, intuitive, and optimized user experience. The new layout improves navigation, enhances usability, and offers a streamlined interface to help users manage tasks more efficiently and with ease. Key UI improvements include:
  
  • Customizable Dashboard
    
  • Centralized CA Integrations Page
    
  • Personalized UI Settings
    

Enhancements

• The Audit tab now provides a comprehensive view of audit categories, improving the user experience by allowing streamlined access to all audit types in one place. The available audits include:
  
  • Discovery Audit
    
  • Schedule Audit
    
  • Key Association Audit
    
  • Key Rotation Audit
    
  • User Audit
    
• Previously, the CSR submitted via a file or content for public CA certificate requests was not saved in the Key Manager Plus CSR list. From now on, the CSR provided during the certificate request will be automatically added to the CSR tab upon submission, regardless of the method used for CSR input.
  
• Administrators can now enable or disable sharing CSR templates with users assigned the Operator role for creating certificate requests. Additionally, they have the option to either allow or restrict Operators from creating CSR only using the shared templates.
  
  Note: Operator role-relevant settings can now be accessed via Settings > SSL > Operator Settings, replacing the previous path Settings > SSL > Approval.
  
• The User Access Report now includes additional columns for Role and Email, which are also reflected in the new User Audit section.
  
• RESTful API Updates:
  
  • Introducing the Update SSL Certificate API to update the SSL certificate details, including the additional field values.
    
  • Delete SSL Certificate API has been enhanced with an option to exclude the certificate and provide a reason for its exclusion during the certificate deletion process.
    
• Domains and IP addresses stored through Key Manager Plus integrations will now be automatically added to the Domain - Allowlist under Settings >> Privacy Settings. This enhancement ensures that only trusted domains can connect to Key Manager Plus, bolstering security. By default, commonly used Certificate Authority (CA) domains are pre-populated in the default allowlist, while any additional domains or IP addresses specified by the administrator will also appear in the Domain - Allowlist for easy management.
  
• In addition to fetching templates during ServiceDesk Plus ticketing system integration, Key Manager Plus now allows users to add ServiceDesk Plus templates as dropdown options in additional fields. This enhancement lets users map templates to certificates, enabling tickets to be sent with the appropriate templates for certificate expirations or SSL vulnerabilities.
  
• The audit for certificate renewal settings in Key Manager Plus has been enhanced to display more detailed information.
  
• SSL certificates that require KeyStore passwords can now be utilized in the Jenkins build environment for organizations' freestyle projects, both during the build generation and post-build processes.
  

Upgrade

• jQuery has been upgraded from version 3.6.0 to 3.7.1 in the context of security, performance, and maintainability.
  

Bug Fix

• Previously, certificates issued by the MSCA could not be deleted from Key Manager Plus installed on an MSCA server. This issue has now been resolved.
  

Security Fix

• Addressed a few internally identified RCE vulnerabilities in this release to improve the security of Key Manager Plus.