New Service Helps Enterprises Renew Private Certificates Automatically

New Service Helps Enterprises Renew Private Certificates Automatically

Project overview

This case study examines the development and launch of a new service that allows enterprise customers to offload their private certificate authority infrastructure onto AWS, securing private keys and automating the renewal process for private certificates. This innovative solution was launched in General Availability (GA) within 15 months across nine different regions, built using Java and a microservice architecture on AWS. Key contributions include scaling audit report generation for up to 10 million certificates, leading API design and development, and implementing automated monitoring systems to ensure high performance and reliability.

Client
Cloud Service
Year
Apr 2018
Services
Backend Development
Platform
Private Certificates

Execution

Managing private certificate authorities can be complex and resource-intensive for enterprise customers. Recognizing the need for a more efficient solution, our team set out to create a service that would streamline the process by allowing customers to offload their private certificate authorities to AWS. This service would provide secure storage of private keys and automate the renewal of private certificates issued through the customer's subordinate CA. The new service was developed using Java, and a microservice architecture was chosen for flexibility and scalability.

Key Contributions

  • Scalable Audit Report Generation: The team scaled out the audit report generation for the service to handle up to 10 million certificates, ensuring that customers of various sizes can efficiently access and analyze their certificate data.
  • API Design and Development: Our team led the design and development of the APIs required for creating, issuing, and revoking private certificates. This effort enabled customers to have full control over their certificates while maintaining a user-friendly interface.
  • Monitoring and Alarms: To guarantee high performance and reliability, the team implemented over 100 alarms across 12 regions to monitor various metrics, such as latency, error rates, and resource usage. This automated monitoring system allows for quick detection and resolution of issues, ensuring seamless operation of the service.

Project results

Following a successful 15-month development process, the service was launched in GA across nine different regions. Customers who have adopted the service have reported reduced overhead in managing their private certificate authorities and improved security in storing private keys. By automating the renewal process for private certificates, customers can now focus on their core business activities, knowing that their certificates will be seamlessly renewed when necessary.

New Service Helps Enterprises Renew Private Certificates Automatically

Ready to start working together with our team?

Contact us
Our services