ServiceNow mission is to offer seamless integration into systems of record, providing an enterprise-wide engagement layer for employees to carry out tasks, without having to switch between multiple applications. At ServiceNow Knowledge 2024, the IT Operations management product team introduced several new features with the May store release.
Certificate Management Workflows with May 2024 store release unlocks Automated Certificate Management Environment (ACME) with ServiceNow CIM workflows and introduced discovery patterns to discover certificates from Java / Windows certificate store, AWS, Azure, and Google Certificate Authority providers.
Java and Windows certificate store
Google’s proposal to reduce the lifespan of TLS (transport layer security) certificates from 13 months to 90 days will become a reality soon. This is great news for security teams as the short-lived certificates can shrink the window of opportunity for bad actors to exploit compromised or stolen certificates. However, it becomes a daunting task for your PKI teams who are not automating the certificate request/renewal and the revoke operations. Let’s explore how ServiceNow can help automate the request fulfillment process around PKI teams.
Automate Certificate Request/Renewal and Revoke operations with ACME
ServiceNow Certificate Management workflows allow enterprise customers to discover and take inventory of all deployed certificates, and proactively manage TLS certificates. NOW Platform offers the workflows for new certificates, renewals, or revoking certificates with a policy engine that transfers the request from ServiceNow to the respective certificate authorities and ships the certs back to the requester with a change request. With Certificate Authorities that offer ACME support, customers can configure the ACME end-points and drive automation. Let’s Encrypt and Entrust ACME endpoints are certificated with the May 2024 store release.
Step 1 -- Log on to the Certificate Management workspace, and add the ACME endpoints.
Step 2 -- Add credentials for Certificate authority
Step 3 -- Add Certificate Routing Policy
Now you can have employee center experience for the PKI catalogs for request / renew and revoke operations to automate the certificate request process.
Automation is increasingly becoming a necessity for enterprises with the contemporary problems that your PKI/cybersecurity teams are facing, including shrinking certificate lifespans and shrinking budgets for IT teams. Try to upgrade to the latest ServiceNow family release and activate the ACME-powered cert management workflows to drive end-to-end automation.
2 Comments
