主权项 |
1. A method comprising:
receiving, by a certificate management sensor executing on a processor of a first computing device, first instructions from a certificate management system (CMS) over a first network to analyze a second computing device on a second network to identify an application on the second computing device associated with cryptographic network traffic on the second computing device; generating, by the certificate management sensor, an application fingerprint of the application, wherein generating the application fingerprint comprises determining a checksum of a file on disk that corresponds to the application using a cryptographic certificate and at least one of a size of the file and a byte pattern from the file; transmitting, by the certificate management sensor, the application fingerprint to the CMS in response to the first instructions; receiving, by the certificate management sensor, second instructions from the CMS to generate a certificate signing request (CSR) for at least one of a new certificate, a renewed certificate or a replacement certificate for the application; transmitting, by the certificate management sensor, the CSR to the CMS over the first network in response to the second instructions; receiving, by the certificate management sensor, third instructions from the CMS to automatically install the at least one of the new certificate, renewed certificate or replacement certificate on the second computing device in response to the CSR; and initiating execution of the third instructions to automatically install the at least one of the new certificate, renewed certificate or replacement certificate on the second computing system. |