Skip to content
QCecuring

Certificate Stores

Certificate Stores

Section titled “Certificate Stores”

Certificate Stores represent deployment targets where certificates are installed, bound, validated, and monitored.

Certificate Stores List

Overview

Section titled “Overview”

Each store defines:

  • Name – Logical identifier (e.g., Windows-VM-IIS)
  • Type – IIS, NGINX, Apache, etc.
  • Path – Optional store path
  • Connector Config – Associated connector/agent
  • Last Sync – Inventory synchronization status

Stores act as execution targets for deployment and lifecycle operations.

Supported Store Types

Section titled “Supported Store Types”
  • IIS
  • NGINX
  • Apache
  • Custom Agent-Based Stores

Store capabilities depend on connector type and agent support.

Store Actions

Section titled “Store Actions”

Each store provides operational actions:

Deploy Certificate

Section titled “Deploy Certificate”

Install a certificate into the target store.

Deploy Certificate

  • Select certificate
  • Provide PEM (if manual)
  • Optional private key
  • Optional store path

Discover Certificates

Section titled “Discover Certificates”

Scan the store and import certificates into inventory.

Used to:

  • Detect unmanaged certificates
  • Sync deployment state
  • Identify drift

Bind Certificate

Section titled “Bind Certificate”

Bind a certificate to a service endpoint.

Bind Certificate

  • Select Certificate ID
  • Specify binding target
    • IIS → Site name
    • NGINX → Server block
    • Apache → Virtual host

Validate Deployment

Section titled “Validate Deployment”

Run validation checks:

  • Certificate present in store
  • Private key available
  • Chain integrity
  • Service binding status

Backup

Section titled “Backup”

Create a backup of the current certificate state before modification.

Sync to Inventory

Section titled “Sync to Inventory”

Synchronize store certificates with central inventory.

Used to:

  • Update metadata
  • Detect drift
  • Maintain source-of-truth alignment

Edit

Section titled “Edit”

Modify:

  • Store name
  • Connector configuration
  • Path settings

Delete

Section titled “Delete”

Remove store configuration from platform.

Does not automatically remove certificates from the actual system.

Operational Flow

Section titled “Operational Flow”

Typical lifecycle:

  1. Discover existing certificates
  2. Deploy new certificate
  3. Bind to service
  4. Validate deployment
  5. Sync to inventory
  6. Monitor & renew

Governance

Section titled “Governance”

All store operations generate:

  • Audit log entries
  • Deployment status updates
  • Validation records

Certificate Stores provide controlled, auditable deployment execution across infrastructure.