Certificates Manager provides a highly available and secure system that handles the full lifecycle of cryptographic keys and digital certificates — from generating certificate signing requests (CSRs) and importing certificate chains to verifying digital signatures and checking certificate validity.
Architecture
Applications that need certificates interact with Certificates Manager to generate CSRs and import or export digital certificates and their certificate chains. Hardware security modules (HSMs) protect all digital keys and certificates throughout their lifecycle.
Capabilities
Generates CSRs and imports or exports digital certificates and their certificate chains
Verifies digital signatures and checks certificate validity
Stores and generates keys and certificates using HSMs, as described in Overview
Supports Rivest–Shamir–Adleman (RSA) 2048, elliptic curve (EC) P256, and EC SM2 public key algorithms
Supports the X.509 v3 certificate format and complies with public key infrastructure (PKI) and certificate authority (CA) standards
Provides multiple API operations for integrating certificate management into your development workflow, accelerating product deployment and rollout of certificate-related features