Best practice indicates that your private key(s) should remain secure and, well…private! Should anyone get a hold of it, depending on the certificate type, they could create phishing websites with your organization’s certificate in the address bar, authenticate to corporate networks by impersonating you, sign applications or documents in your name, or read your encrypted emails. Use of PKI-based solutions continues to grow – more sites than ever are moving to HTTPS, enterprises are leveraging Digital Certificates as an authentication factor for users and machines, S/MIME is proving its worth as both an email encryption option and a way to validate the source of emails to counter phishing – but the encryption and authentication underlying these applications can be completely undermined if proper key management isn’t enforced.Įvery time a Digital Certificate is issued, whether from a CA or self-signed, a private/public key pair must be generated.
IoT Device Identity Lifecycle Management.See GlobalSign’s full line of solutions.
