TMCnet News

Smallstep Announces General Availability of Smallstep Certificate Manager
[June 23, 2022]

Smallstep Announces General Availability of Smallstep Certificate Manager


Smallstep Labs, Inc., the automated certificate management platform for DevOps, today announced the general availability (GA) of Smallstep Certificate Manager, a SaaS platform for developers, operators and security professionals. Built for enterprise scale, the platform can deliver credentials to everything in the user environment while integrating with your existing solutions. With the new features in the GA release, organizations can easily automate Production Identity for workloads, Kubernetes containers, humans, machines, end-users, IoT devices, and more.

"It's an incredible milestone for us to bring Smallstep Certificate Manager to this stage. We have been working on this product for years, making it the perfect solution for managing identity in every area of the enterprise infrastructure," said Mike Malone, founder and CEO, Smallstep Labs. "Our focus has been to ensure that any user working in any industry can issue certificates to leverage technology their infrastructure already supports - TLS - and easily within minutes achieve practical zero trust."

Certificate Management for DevOps

The size and complexity of software systems has grown exponentially in recent years, which has led to a commensurate increase in the number of certificates required to secure network communication between system components. Modern systems with dozens or hundreds of components configured for high availability may require tens of thousands to millions of certificates to be issued and renewed daily.

Smallstep Certificate Manager, an extensible platform for DevSecOps PKI, addresses this challenge by allowing users to easily manage private TLS/SSL certificates for all internal workloads and developers. Smallstep supports the ACME protocol, single sign-on, one-time tokens, VM APIs, and other methods for automating certificate workflows. Certificate Manager benefits organizations by:

  • Reducing operational overhead with automated certificate management that reaches everything in an organization's environment;
  • Facilitating audit and security analysis by ataloging cryptographically authenticated endpoints;
  • Integrating with existing operational systems and workflows for monitoring, alerting, observability, and threat detection; and,
  • Securing network communication between people, devices, and workloads.



"We're trying to re-engineer a legacy software as a service system to make it a little more secure, more scalable. The goal that we had for the whole project was to increase security and make it a lot easier for us to maintain. So that was kind of a very quick funnel into Smallstep Certificate Manager, because it fulfills those goals for us," said Andy George, Senior Systems Engineer, Forem.

Key features include:


  • Endpoint cataloguing - providing teams with the ability to view what matters, the endpoint, not the certificate. Endpoint cataloguing also provides a way to build and promote good security practices.
  • Exporting to monitoring systems - providing the balance for operators to use Certificate Manager with pre-existing monitoring dashboard such as SIEM, Splunk, Prometheus, Sumo Logic, and more while giving your entire company the auditability it needs for every endpoint
  • New support structure - access to certificate management experts through detailed documentation, helpful FAQs, support tickets, and live assistance.
  • Modern and lightweight toolkit - easy to bring into any environment and run seamlessly. Unlike many legacy PKI solutions, Smallstep Certificate Manager was truly built for DevOps organizations.

With Smallstep Certificate Manager, you can go from signing up to getting your first certificate within minutes right within the UI to doing even more with the CLI and securing Kubernetes clusters in the first hour.

"As businesses increasingly deliver their products and services online and enable remote work, managing digital certificates is important for establishing and maintaining secure connections, and can cause service disruption if not kept up properly," said Melinda Marks, senior analyst, ESG Research. "Enterprises need a way to move beyond manually managing this process - including auditing endpoints - and automate it. Smallstep Certificate Manager can help ease this challenge."

Supporting Resources

Follow us and learn more at:

About Smallstep Labs

Smallstep turns security best practices into an open-source toolkit that empowers any developer or operator to secure their infrastructure properly. The company believes that when security is easy for all developers, everyone wins. Learn how to automate certificates (x.509 & SSH) for all your workloads, devices, and developers at smallstep.com.


[ Back To TMCnet.com's Homepage ]