Orchestrators

This orchestrator Keyfactor orchestrators perform a variety of functions, including managing certificate stores and SSH key stores. runs on Windows servers or Linux servers and is used to run jobs at the request of the Keyfactor Command server. Jobs primarily perform certificate management tasks, but other types of operations are also supported. Jobs are provided to the orchestrator as extensions; both built-in and custom extensions are supported. The orchestrator includes built-in extensions to run SSL TLS (Transport Layer Security) and its predecessor SSL (Secure Sockets Layer) are protocols for establishing authenticated and encrypted links between networked computers. discovery and management tasks, manage synchronization of certificate authorities in remote forests, and retrieve the orchestrator logs for analysis with the Keyfactor API A set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command..

This orchestrator runs on Windows or Linux servers and is used to perform discovery of Java keystores and PEM A PEM format certificate file is a base64-encoded certificate. Since it's presented in ASCII, you can open it in any text editor. PEM certificates always begin and end with entries like ---- BEGIN CERTIFICATE---- and ----END CERTIFICATE----. PEM certificates can contain a single certificate or a full certifiate chain and may contain a private key. Usually, extensions of .cer and .crt are certificate files with no private key, .key is a separate private key file, and .pem is both a certificate and private key. certificate stores, to inventory discovered stores, and to push certificates out to stores as needed.

Important:  The Keyfactor Java Agent The Java Agent, one of Keyfactor's suite of orchestrators, is used to perform discovery of Java keystores and PEM certificate stores, to inventory discovered stores, and to push certificates out to stores as needed. will be deprecated in a future version of Keyfactor Command. Customers are encouraged to begin planning a migration to the Keyfactor Universal Orchestrator The Keyfactor Universal Orchestrator, one of Keyfactor's suite of orchestrators, is used to interact with servers and devices for certificate management, run SSL discovery and management tasks, and manage synchronization of certificate authorities in remote forests. With the addition of custom extensions, it can provide certificate management capabilities on a variety of platforms and devices (e.g. Amazon Web Services (AWS) resources, Citrix\NetScaler devices, F5 devices, IIS stores, JKS keystores, PEM stores, and PKCS#12 stores) and execute tasks outside the standard list of certificate management functions. It runs on either Windows or Linux servers or Linux containers. with the Remote File custom extension publicly available at:

https://github.com/Keyfactor/remote-file-orchestrator

For more information, see Installing Custom-Built Extensions.

This orchestrator runs on Apple Macintosh computers and allows users to auto-enroll for certificates.

This orchestrator runs on Android OS Devices and is used to manage PEM and Java keystores. The orchestrator is distributed as part of the Keyfactor Integration SDK (software development kit). Contact Keyfactor for more information.

This orchestrator is a reference implementation intended for customers wanting to include Keyfactor Command certificate store management functionality in embedded or other platforms. The orchestrator is distributed as part of the Keyfactor Integration SDK (software development kit). Contact Keyfactor for more information.

The Keyfactor AnyAgent The AnyAgent, one of Keyfactor's suite of orchestrators, is used to allow management of certificates regardless of source or location by allowing customers to implement custom agent functionality via an API. runs on Windows or Linux servers and is used to allow management of certificates regardless of source or location by allowing customers to implement custom agent functionality. Custom store types and/or job capabilities, on which agents operate, are created by adding commands and leveraging extendable code to communicate through an API with Keyfactor Command. Because of the custom nature of the functionality of the AnyAgent, it is not included in the table below, as it could be designed to do one or more of the capacities below, or additional capacities not included below. Contact Keyfactor for more information.

This orchestrator runs on Linux servers and is used to perform discovery of SSH The SSH (secure shell) protocol provides for secure connections between computers. It provides several options for authentication, including public key, and protects the communications with strong encryption. keys, generation of SSH keys, and management of SSH keys and Linux logons.

Configure Keyfactor Command to allow orchestrators to auto-register.

View and configure orchestrators.

View active orchestrator jobs and review job errors.

Snapshot the certificate stores and scheduled jobs of one machine and apply them to multiple other similar machines.

Configure settings for Mac auto-enrollment Certificate enrollment refers to the process by which a user requests a digital certificate. The user must submit the request to a certificate authority (CA)..