Automating manual tasks like requesting a new certificate and renewing expired certificates can increase the productivity of the public-key infrastructure (PKI) team by approximately 30% and help digitize manual workflows.
The ServiceNow Certificate Inventory and Management store application provides a platform-based approach to the lifecycle management of TLS certificates. This solution, combined with task fulfillment, can provide a methodical approach to the request management and renewal management process.
Compliance and security hygiene go hand in hand, and strong TLS management is a priority. A lack of visibility into deployed TLS certificates, and the expiry of those certificates, can result in service outages and data breaches. The largest consumer credit reporting company commented on how “TLS certificates had expired about 10 months before the breach occurred, meaning that encrypted traffic was not being inspected throughout that period.”
Key features
- Workflows for the request to fulfill/renew certificates via a Service Catalog.
- Policy-based framework to route digital certificate request/renewal and revoke workflows.
- Auto-discovery of TLS certificates in CMDB common service data model using IP/port scans and URL-based methods.
- Single-pane-of-glass dashboard provides insights into workflow task management for the PKI team and comprehensive visibility into the deployment of certificates.
- Expiry pipeline view provides visibility into TLS certificates expiring in 30, 60, and 90 days.
- Automatic incident creation for expired TLS certificates.
- Discover, relate, and reconcile cloud certificates (AWS/Azure/GCP certificate manager) to your cloud apps and compute.
- Get Automatic Certificate Management Environment (ACME) protocol support for multiple certificate authorities with validation.
Note: The ACME protocol is a communications protocol for automating interactions between certificate authorities and their users' servers, allowing the automated deployment of public key infrastructure.
New:
- Integration with CyberArk Certificate Manager SaaS
Manage certificates by using the certificate management capabilities of CyberArk Certificate Manager SaaS while maintaining centralized visibility and control through ServiceNow Certificate Inventory and Management.
- Integration with Azure Key Vault
Store your private keys in Azure Key Vault during automated certificate operations by selecting Azure Key Vault as an external vault provider when setting up routing policies.
This feature is supported starting with the Brazil release.
- Integration with Microsoft Teams
Get certificate notifications and start renewal workflows directly from Microsoft Teams channels.
- Manage certificate notifications from a centralized form
View and manage all email and Microsoft Teams certificate notifications from the Certificate notification policy form. This form enables you to configure which events trigger email notifications and specify recipients for each event type.
- Access Service Catalog forms for certificate request, renewal, and revocation processes from the Certificate Management workspace.
Changed: N/A
Removed: N/A
Fixed:
- Fixed an issue where CIs in the installed certificate table showed empty Name values.
- Retired certificates no longer generate renewal tasks.
- Fixed an issue where the issuer and root_issuer fields were both set to the same intermediate certificate in a certificate chain, causing inconsistent issuer selection.
Required plugins and products
- ITOM Visibility subscription
- Configuration Management for Scoped Apps (CMDB) (com.snc.cmdb.scoped)
- Discovery plugin (com.snc.discovery)
App dependencies
- CMDB CI Class Models