CMS Enterprise now provides exclusive, real time policy control at the Certificate Authority (CA), providing the most comprehensive security compliance for certificate issuance available today.
The CMS Custom Policy Modules intercept the certificate requests and can then perform important security-enhancing actions such as:
- Allowing only certain IP addresses to request certificates. Preventing a user with access to the CA itself from being able to request a certificate outside of the approved CMS Enrollment process.
- Using the CSS-patented VSCEP™ technology, CMS secures on-device key generation during certificate enrollment for iOS and Mac devices, without the use of client-side agents.
- Preventing a user from receiving a duplicate certificate from the requested template.
If a request does not have a subject alternative name, CMS can add a SAN in to the certificate request automatically.