Orchestrators
Keyfactor Command uses orchestrators (a.k.a. agents) to manage a wide variety of certificate store types. As of this writing, Keyfactor offers these orchestrators:
This orchestrator runs on Windows servers or Linux servers and is used to run jobs at the request of the Keyfactor Command server. Jobs primarily perform certificate management tasks, but other types of operations are also supported. Jobs are provided to the orchestrator as extensions; both built-in and custom extensions are supported. The orchestrator includes built-in extensions to run SSL discovery and management tasks, interact with Windows servers for certificate management (IIS certificate stores), interact with File Transfer Protocol (FTP) capable devices for certificate management, manage synchronization of certificate authorities in remote forests, and retrieve the orchestrator logs for analysis with the Keyfactor API. TLS (Transport Layer Security) and its predecessor SSL (Secure Sockets Layer) are protocols for establishing authenticated and encrypted links between networked computers. The Keyfactor API allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command.
This orchestrator runs on Windows servers and is used to manage synchronization of certificate authorities in remote forests, run SSL discovery and management tasks, and interact with Windows servers as well as F5 devices, NetScaler devices, Amazon Web Services (AWS) resources, and File Transfer Protocol (FTP) capable devices, for certificate management. In addition, the AnyAgent capability of the Keyfactor Windows Orchestrator allows it to be extended to create custom certificate store types and management capabilities regardless of source platform or location.
The Keyfactor Windows Orchestrator is no longer being developed; its last release was version 8.5. The functionality of this orchestrator is being replaced by the Keyfactor Universal Orchestrator, which offers built-in extensions to cover some functionality plus the ease of plug-and-play extensions to add further functionality. With the addition of custom extensions, the Universal Orchestrator can run custom jobs to provide certificate management capabilities on a variety of platforms and devices (e.g. F5 devices, NetScaler devices, Amazon Web Services (AWS) resources) and execute tasks outside the standard list of certificate management functions. Keyfactor intends to make some further extensions available as open source downloads in the future. Until such time as these are available to replace all the functions of the Keyfactor Windows Orchestrator, Keyfactor recommends customers continue to use the Keyfactor Windows Orchestrator version 8.5, which is fully compatible with version 9 of Keyfactor Command.
This orchestrator runs on Windows or Linux servers and is used to perform discovery of Java keystores and PEM certificate stores, to inventory discovered stores, and to push certificates out to stores as needed. A PEM format certificate file is a base64-encoded certificate. Since it's presented in ASCII, you can open it in any text editor. PEM certificates always begin and end with entries like -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----. PEM certificates can contain a single certificate or a full certificate chain and may contain a private key. Usually, extensions of .cer and .crt are certificate files with no private key, .key is a separate private key file, and .pem is both a certificate and private key.
This orchestrator runs on Apple Macintosh computers and allows users to auto-enroll for certificates.
This orchestrator runs on Android OS Devices and is used to manage PEM and Java keystores. The orchestrator is distributed as part of the Keyfactor Integration SDK (software development kit). Contact Keyfactor for more information.
This orchestrator is a reference implementation intended for customers wanting to include Keyfactor Command certificate store management functionality in embedded or other platforms. The orchestrator is distributed as part of the Keyfactor Integration SDK (software development kit). Contact Keyfactor for more information.
The Keyfactor AnyAgent runs on Windows or Linux servers and is used to allow management of certificates regardless of source or location by allowing customers to implement custom agent functionality. Custom store types and/or job capabilities, on which agents operate, are created by adding commands and leveraging extendable code to communicate through an API with Keyfactor Command. Because the functionality of the AnyAgent is custom, it is not included in the table below: it could be designed to provide one or more of the capabilities listed there, or additional capabilities not listed there. Contact Keyfactor for more information.
This orchestrator runs on Linux servers and is used to perform discovery of SSH keys, generation of SSH keys, and management of SSH keys and Linux logons. The SSH (secure shell) protocol provides for secure connections between computers. It provides several options for authentication, including public key, and protects the communications with strong encryption.
Table 20: Orchestrator Capabilities
| | Universal | Windows | Java | Android | Native | Mac | Bash |
|---|---|---|---|---|---|---|---|
| Amazon Web Services Add/Remove | 1 | | | | | | |
| Amazon Web Services Inventory | 2 | | | | | | |
| Certificate Auto-enrollment | | | | | | | |
| Certificate Reenrollment | | | | | | | |
| Certificate Renewal | | | | | | | |
| F5 (Web Server, SSL Profiles, CA Bundles) Add/Remove | 3 | | | | | | |
| F5 (Web Server & SSL Profiles, CA Bundles) Inventory | 4 | | | | | | |
| F5 (SSL Profiles & CA Bundles) Discovery | 5 | | | | | | |
| File Transfer Protocol Add/Remove | | | | | | | |
| File Transfer Protocol Inventory | | | | | | | |
| IIS (Personal, Revoked, Trusted) Add/Remove | | | | | | | |
| IIS (Personal, Revoked, Trusted) Inventory | | | | | | | |
| Java Keystore Add/Remove | 6 | | | | | | |
| Java Keystore Create | 7 | | | | | | |
| Java Keystore Discovery | 8 | | | | | | |
| Java Keystore Inventory | 9 | | | | | | |
| Linux Logon Management | | | | | | | |
| Log Fetching | | | | | | | |
| NetScaler Add/Remove | 10 | | | | | | |
| NetScaler Inventory | 11 | | | | | | |
| PEM Add/Remove | 12 | | | | | | |
| PEM Discovery | 13 | | | | | | |
| PEM Inventory | 14 | | | | | | |
| Remote CA & Template Synchronization | | | | | | | |
| SSL Discovery & Monitoring | | | | | | | |
| SSH Key Discovery | | | | | | | |
| SSH Key Generation | | | | | | | |
| SSH Key Management | | | | | | | |

The options available in the Orchestrator Management section of the Management Portal are:
Configure Keyfactor Command to allow orchestrators to auto-register.
View and configure orchestrators.
View active orchestrator jobs and review job errors.
Snapshot the certificate stores and scheduled jobs of one machine and apply them to multiple other similar machines.