When the number of certificates gets into four and five digits, automated management is the only way to go. They need to be renewed and installed automatically on a regular schedule. The Quttera SSL API provides the backbone of your TLS certificate management. It lets you scan your network as often as you want, discovering all TLS certificates and reporting any that are self-signed, expired, or improperly configured. You can use it to automate certificate management and report any issues that need attention. The SSL API is part of the
Quttera Malware Scanner REST API.
To set it up, you need a list of all the internal IP addresses in your network. Your results will be only as complete as the list, so be sure it includes your cloud servers, IoT devices, and any other obscure corners of your network.
Other features in the Quttera API include
port scanning to detect open ports. Knowing all the ports your servers have exposed helps to make sure you aren't running unmanaged services that you weren't aware of.
Becoming a
Quttera partner gives you access to these APIs for cloud and on-premise security management. As a partner, you can provide input for new arrangements that will let us better serve your needs.
SOURCES:
Are You Concerned about TLS Certificate Security Risks? (Venafi)
Securing Web Transactions: TLS Server Certificate Management (NIST)