Incorporate certificates from leading certificate authorities into pipelines

TRY NOW

Discover what you can do with Venafi Cloud

// Ready to get started? 

Sign up for free

CREATE MY ACCOUNT

© 2018 Venafi, Inc. All rights reserved.        Privacy | Terms of Use | End User License Agreement

No credit card needed.

There are two actors on a network
 people and machines. 

Each year, organizations spend billions protecting their usernames and passwords but almost nothing protecting their machine identities, which secure machine-to-machine communication.


Are you taking an active role in protecting your keys and certificates?

Did you know?

CREATE MY ACCOUNT

No credit card needed.

Venafi’s rich ecosystem supports DevOps with a well-documented REST API, a command line utility, an ACME server, and vendor-led integrations with containerization, orchestration, or configuration management tools.

Containerization tools

  • Kubernetes + JetStack cert-manager—Automates the management of key and certificate lifecycle from leading certificate authorities for Kubernetes pods and ingress controllers.


  • Docker—Generates key material and requests certificates for you. Certificates are then securely exposed to other containers running in the same Docker host as the Venafi container. 

Orchestration tools

  • Terraform—Performs key generation and can be referenced via Terraform plans for seamless acquisition and deployment of certificates.

Configuration management tools

  • SaltStack—Consists of a runner module and an external pillar module. Simplifies the process of getting and deploying certificates by leveraging our integration to push certificates to minions via Salt's pillar system.

SECURE YOUR CONTAINERS

SECURE YOUR INFRASTRUCTURE

SECURE YOUR MINIONS

How do teams benefit from Venafi Cloud?

Information security teams can offer automated certificate self-service that’s designed to work with DevOps pipelines.

IT operations and developers benefit from seamless, automation for accessing trusted certificates that comply with policy.

Secrets management tools

  • HashiCorp Vault—Provides the ability to enforce policy for any certificates enrolled when HashiCorp Vault's API is called upon to issue a certificate.

USE VAULT TO GET POLICY-COMPLIANT CERTIFICATES

Venafi Cloud ACME Server

  • ACME Server—Automates certificate management using certificates from leading certificate authorities, GlobalSign and DigiCert, for external-facing infrastructure such as load balancers and web servers.

SECURE EXTERNAL INFRASTRUCTURE EASILY

About the ACME Protocol

The Automatic Certificate Management Environment (ACME) protocol is a communications protocol for automating interactions between certificate authorities and their users' web servers, allowing the automated deployment of public key infrastructure at very low cost. It was designed by the Internet Security Research Group (ISRG).

REST API and Supporting Services

  • REST API—Gives developers ready access to request certificates, review certificate issuance policies, view issued certificates, and push certificates direct to Microsoft Azure Web Apps, and much more. 
  • VCert—Generates keys to simplify certificate acquisition by eliminating the need to write code to interact with the Venafi REST API. 
  • VCert SDK—A cross-platform software development kit written in Go that allows application developers to integrate key generation and certificate management tasks into custom applications.

GET YOUR CERTIFICATES VIA API OR COMMAND LINE

SWAGGER DOCUMENTATION


POST https://api.venafi.cloud/v1/certificaterequests
tppl-api-key: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX



{"certificateSigningRequest":  
"-----BEGIN CERTIFICATE REQUEST-----\n
 ...
 -----END CERTIFICATE REQUEST-----\n",
"zoneId": "ffb9b170-0e7d-11e7-ae35-1b52a158cd01"}


{"certificateSigningRequest":  
"-----BEGIN CERTIFICATE REQUEST-----\n
 ...
 -----END CERTIFICATE REQUEST-----\n",
"zoneId": "ffb9b170-0e7d-11e7-ae35-1b52a158cd01"}

TERRAFORM INTEGRATION ON GITHUBJETSTACK (KUBERNETES) INTEGRATION ON GITHUBDOCKER INTEGRATIONSALTSTACK INTEGRATION ON GITHUBVAULT INTEGRATION ON GITHUB (PKI-BACKEND)

OUR INTEGRATIONS MAKE IT EASY TO

  • GlobalSign 

  • DigiCert
  • Containerization

  • Orchestration

  • Configuration management

  • Secrets management

GlobalSign - PKI for DevOps

GlobalSign solves the leading PKI challenges facing DevOps teams, allowing them to rely on proven, hosted PKI services instead of building CA infrastructure in-house, avoiding certificates all together, or using weak implementations that increase security risks. Our partnership enables you to request GlobalSign certificates using Venafi Cloud’s web interface, REST API, DevOps tools, and ACME server.

  • High speed issuance delivers certificates in seconds, including client certificates, code signing, certificates for containers, web servers, machines, and more
  • Free certificates available and option to add public trust
  • Standardize CA infrastructure across DevOps practices to meet compliance and reduce risks associated with poor PKI implementation and private key protection

USE GLOBALSIGN CERTIFICATES IN DEVOPS

DigiCert - Expanding Capabilities

Venafi has a longstanding partnership with DigiCert, a premier high-assurance digital certificate provider. Our partnership enables you to request DigiCert certificates using Venafi Cloud’s web interface, REST API, DevOps tools, and ACME server. 

  • Get free dev and test certificates
  • Easily get and deploy production certificates 

USE DIGICERT CERTIFICATES IN DEVOPS

Certificate Authority Integrations

Public cloud provider: Microsoft Azure

Securing your infrastructure in Microsoft Azure just got easier. Available via our web interface and our REST API, our integration:

  • Make it easy to secure Azure Web Apps with HTTPS
  • Lets you obtain certificates from leading certificate authorities and deploy them directly to Azure Key Vault and Azure Web Apps
  • Automates the management of SSL/TLS certificates


SECURE AZURE WEB APPS WITH HTTPS

Cloud Provider Integrations

  • Microsoft Azure

LEARN MORE
GET AN ACCOUNTVAULT INTEGRATION ON GITHUB (MONITORING)