Key Manager Plus helps you with SSH key management, SSL certificate management, and additionally provides a secure repository to store any type of digital key file.
Key Manager Plus allows you to centrally manage SSH keys, SSH servers and their users.
Add any digital key to the secure repository of Key Manager Plus. Update the key versions, and export the same or retrieve previous versions of a key for disaster recovery.
Click the Discovery tab in the side panel, select the SSH radio button, and choose to discover SSH servers by their hostnames or IP addresses individually or simultaneously. The list of discovered servers can be viewed from the SSH → SSH servers tab.
Click the SSH → SSH servers tab in the side panel and click the 'Credentials' icon available in the left corner of the screen. When you check the 'Root/Administrator' checkbox and enter the appropriate credentials, access is provided to all the user accounts in the server.
Alternatively, SSH keys and the SSH users side tabs can also be used to create, deploy, and manage the keys, and also manage all the user accounts available in the discovered resources.
To create keys and deploy them in the respective user accounts in the target server, click the SSH → SSH servers tab in the side panel and click the 'Create and Deploy' icon in the right corner of the screen.
To rotate the keys, navigate to SSH → SSH keys tab and select the keys to be rotated. Click the 'Rotate' button available below the header bar to rotate the keys.
Discover the certificates in your network by navigating to the Discovery tab in the side panel, choosing the SSL radio button, and specifying the hostnames or IP addresses of the servers on which they are used. A list of the discovered certificates is enumerated in the SSL → Certificates tab.
Create self-signed certificates, or CSRs, from the SSL → Certificates or SSL → Create CSR tabs respectively. The new certificate and its details are appended to the respective tabs.
Add requests for certificates from the SSL → Certificate request tab. Click the Add request button to raise a new request. Enter your request details and attach a CSR to your request. Keep track of your requests from the SSL → Certificate request tab.
Navigate to the Settings → Notification tab and select the SSL Certificate expiry option and configure the number of days, and whether to receive notifications via email and/or syslog.
Certificates encrypted with vulnerable SHA-1 algorithm are tracked and displayed in the Dashboard.
Add keys to Key Manager Plus's repository, from the Key Store tab. Key Manager Plus stores the digital key along with its details in the repository. You can edit the details of the key to organize, search, and locate them faster. You can specify the details of the key such as its type (for eg. AWS-RSA), optional passphrase, and map the key to its deployed server instance by specifying server details such as the instance name (for eg. AWS-KMP server), data center (for eg. AWS-North Central U.S), and so on.
Details of the keys imported into the Key Store can be updated by clicking the Update Key icon. The earlier version of the key is still available and can be retrieved by clicking the Key version icon.
The keys available in the Key Store can be exported using the Export key icon. In addition, you can export earlier versions of the key by navigating to the Key version window.