Introduction
Introduction to SSL-CLM
Section titled “Introduction to SSL-CLM”Welcome to the QCecuring SSL Certificate Lifecycle Management (CLM) documentation. SSL-CLM is an enterprise-grade platform designed to bring order, automation, and security to your organization’s digital identity infrastructure.
What is SSL-CLM?
Section titled “What is SSL-CLM?”In modern infrastructure, every server, application, and device needs an identity—a digital certificate. Managing thousands of these certificates manually is impossible and dangerous. A single expired certificate can cause critical service outages, while a weak or compromised certificate can open the door to breaches.
SSL-CLM acts as your central command center for:
- Discovery: Finding every certificate on your network, whether you know about it or not.
- Inventory: Maintaining a real-time, searchable database of your cryptographic assets.
- Automation: Replacing manual spreadsheet tracking with automated renewal and installation.
- Governance: Enforcing policy guardrails (e.g., “No SHA-1”, “RSA-2048 minimum”).
Why Use SSL-CLM?
Section titled “Why Use SSL-CLM?”1. Eliminate Outages
Section titled “1. Eliminate Outages”90% of Global 5000 companies have suffered an outage due to an expired certificate. SSL-CLM’s automated renewal engine ensures certificates are renewed before they expire, without human intervention.
2. Crypto-Agility
Section titled “2. Crypto-Agility”When a cryptographic standard is broken (like SHA-1 was), you need to replace all your certificates fast. SSL-CLM allows you to bulk-reissue thousands of certificates with new keys and algorithms in minutes, not months.
3. Vendor Independence
Section titled “3. Vendor Independence”Don’t be locked into a single Certificate Authority (CA). SSL-CLM abstracts the CA layer, allowing you to switch between DigiCert, Sectigo, Let’s Encrypt, or your internal Microsoft CA seamlessly.
Key Capabilities
Section titled “Key Capabilities”| Capability | Description |
|---|---|
| Network Scanning | Agents scan IP ranges and ports to find undocumented certificates. |
| Cloud Integration | Native API integration with AWS, Azure, and Google Cloud to discover load balancers and key stores. |
| Agent-Based Management | Lightweight agents for IIS, Apache, and NGINX handle private key generation and installation behind firewalls. |
| ACME Server | Turn your internal PKI into an ACME-compatible CA for seamless integration with automation tools like Certbot. |
Documentation Structure
Section titled “Documentation Structure”This documentation is organized to guide you from basic concepts to advanced operations:
- Architecture & Concepts: Understand the moving parts (Control Plane, Agents).
- Certificate Types: Learn about DV, OV, EV, and Private certificates.
- Lifecycle Management: The core workflows of Discovery, Renewal, and Revocation.
- Validation Workflows: How domain ownership is verified (HTTP-01, DNS-01).
- Usage & Operations: Installation guides and daily operational tasks.
Get Started
Section titled “Get Started”If you are new to SSL-CLM, we recommend starting with the Architecture & Concepts page to understand how the platform fits into your environment.