“Every SSL certificate comes with a shelf life, as they expire in one, two or three years,” says Amar Doshi, Symantec’s senior manager of product management. Certificate Intelligence Center lets IT managers track both public Web-facing and internally-used certificates in order to act before these certificates expire. The service is similar to one offered by competitor Venafi, he says.
In addition, Symantec’s cloud-based service, working in conjunction with the on-premises component, which is available based on Red Hat Linux or VMware-based virtual appliance, can scan to detect so-called “rogue certificates,” Doshi says.
Rogue certificates have been discovered in corporate networks because someone at a company went and got them from a certificate authority that was not the usual source, or sometimes this has even been done maliciously. The bottom line is the certificate isn’t officially recorded as in use by the business. The certificate-scanning service would be able to seek them out and report back on them, he says.
Symantec [Nasdaq: SYMC] last year acquired the VeriSign trust services group for over US$1 billion. The Symantec Certificate Intelligence Center service, now in beta, is the first new major product/service roll-out since the time of the acquisition.