Audit Logging for Certificates
Audit Logging for Certificates
While the Keyfactor Command audit log functionality covers the entire product, the tracking of operations related to certificates is especially extensive. Certificate-related operations that are audited include:
- Certificate revocation
- Certificate download
- Enrollment
Certificate enrollment refers to the process by which a user requests a digital certificate. The user must submit the request to a certificate authority (CA). for certificates via PFX A PFX file (personal information exchange format), also known as a PKCS#12 archive, is a single, password-protected certificate archive that contains both the public and matching private key and, optionally, the certificate chain. It is a common format for Windows servers. enrollment and CSR A CSR or certificate signing request is a block of encoded text that is submitted to a CA when enrolling for a certificate. When you generate a CSR within Keyfactor Command, the matching private key for it is stored in Keyfactor Command in encrypted format and will be married with the certificate once returned from the CA. enrollment - CSR generation, re-download and deletion
- Approval of certificate requests made using templates requiring manager approval
- Certificate deletion
- Certificate metadata Metadata provides information about a piece of data. It is used to summarize basic information about data, which can make working with the data easier. In the context of Keyfactor Command, the certificate metadata feature allows you to create custom metadata fields that allow you to tag certificates with tracking information about certificates. operations (addition of or updates to metadata tags on certificates)
- Certificate collection The certificate search function allows you to query the Keyfactor Command database for certificates from any available source based on any criteria of the certificates and save the results as a collection that will be availble in other places in the Management Portal (e.g. expiration alerts and certain reports). creation or modification
- Addition of certificates to and removal from certificate stores
For more information about the audit log and using the audit log search feature, see Audit Log.
