SEC05-05 Certificate Security Management
Certificates are commonly used to encrypt data in transit and to authenticate identities between systems. Centrally manage the usage and validity period of certificates and replace them in a timely manner.
- Risk level
Medium
- Key strategies
  - Centrally managing certificates:
    - Establish a centralized certificate management system to store, track, and manage all certificates.
    - Ensure that all certificates are clearly identified, including the usage, owner, and validity period.
  - Validity period management:
    - Periodically check the validity period of each certificate. Update or replace certificates that are about to expire in a timely manner.
    - Do not use expired certificates, to prevent security vulnerabilities and service interruption.
  - Secure storage:
    - Store the certificates securely. Ensure that only authorized personnel can access the certificates.
    - Implement extra protection on private keys, for example, use hardware security modules (HSMs) to store private keys.
  - Encrypted transmission:
    - Use encrypted channels, such as SSL and TLS, to transmit certificates to prevent them from being tampered with or stolen.
    - For security, do not transmit certificates over insecure networks.
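The following is an added example, not code from this documentation or from any cloud service: a periodic audit over a central certificate inventory that flags records with missing identification fields and certificates that are expired or close to expiry. The record field names, the sample records, and the 30-day renewal window are assumptions made for illustration.

```python
import ssl
from datetime import datetime, timedelta, timezone

REQUIRED_FIELDS = ("usage", "owner", "not_after")
RENEWAL_WINDOW = timedelta(days=30)  # assumed renewal policy, not from the page

# Constructed sample inventory. not_after uses the notAfter text format
# returned by ssl.SSLSocket.getpeercert().
INVENTORY = [
    {"name": "api-gateway", "usage": "TLS server", "owner": "platform-team",
     "not_after": "Mar 10 12:00:00 2025 GMT"},
    {"name": "legacy-vpn", "usage": "TLS server", "owner": "network-team",
     "not_after": "Feb 15 00:00:00 2025 GMT"},
    {"name": "batch-signer", "usage": "code signing", "owner": "",
     "not_after": "Dec 31 23:59:59 2026 GMT"},
    {"name": "internal-ca", "usage": "issuing CA", "owner": "security-team",
     "not_after": "Jan 20 00:00:00 2030 GMT"},
]


def audit(inventory, now, window=RENEWAL_WINDOW):
    """Return {certificate name: [findings]} for every record needing action."""
    report = {}
    for rec in inventory:
        # Every certificate must carry usage, owner and validity period.
        findings = [f"missing {f}" for f in REQUIRED_FIELDS if not rec.get(f)]
        if rec.get("not_after"):
            try:
                seconds = ssl.cert_time_to_seconds(rec["not_after"])
            except ValueError:
                findings.append("unparseable not_after")
            else:
                expiry = datetime.fromtimestamp(seconds, tz=timezone.utc)
                if expiry <= now:
                    findings.append("expired")
                elif expiry - now <= window:
                    findings.append(f"expires in {(expiry - now).days} days")
        if findings:
            report[rec["name"]] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit(INVENTORY, datetime.now(timezone.utc)).items():
        print(f"{name}: {', '.join(findings)}")
```

Run on a schedule, the report gives each certificate owner a list of renewals due before a certificate lapses.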
- Related cloud services and tools
Cloud Certificate Manager (CCM): provides one-stop management, such as applying for, issuing, querying, and revoking SSL certificates.