Certificate Outages

How to get the visibility you need to avoid them

Public Key Certificates are the part of public-key infrastructure (PKI) that allows us to trust that a public key really does correspond to a private key held by the entity named in the certificate. They are used all over modern IT, in TLS endpoints, for code signing, authentication, and document signatures. New technologies such as microservices and container archiectures are increasing the need to issue and deploy certificates rapidly.

When a service becomes unavailable because a certificate-related operation fails, this is known as a certificate outage. They are commonly observed when TLS endpoints cannot connect, but can also break code update because updates cannot be verified, prevent login because authentication failed, etc.

Here you can find background to the certificate outage problem, in particular on why failures still occur despite the availability of automated certificate management tools.

Outages are Expensive

Issues with certificate management don't just cause outages, they can also lead to serious breaches when those certificates are used for authentication to services. In this video, Graham explains the recent Mimecast attack, which is now believed to be part of the same operation that targeted Solarwinds to penetrate some of the most sensitive organisations in the USA.

Certificate Outages Webinar

Certificate Outages and how to avoid them
In this webinar we look at examples of real "rubber hits the road" issues with organising certificate management. We'll look at the various ways that a certificate can fall through the cracks of an automated process, taking examples from real world cases. We look at how to quickly recover from certificate issues, and how to recover the automated visibility you need to avoid them.

watch now