How can an application's cert be issued when we deploy an app from the console?

You add certificate configuration while adding an application through UI.
These parameters defined for an app are used while creating a build and we embed code to generate a CSR to the converted image.
Now when we run an application, then it calls the 'Create Certificate' API with CSR as a parameter to the agent running on that node.
The agent sends the request to the Fortanix Confidential Computing Manager (CCM) backend by adding node-id to the parameter.
The Fortanix CCM backend verifies if the domains for that app are whitelisted, build is whitelisted and application is running in an enclave with a valid attestation, then it creates a certificate for that app running on that node and sends it as a response.
Whenever a domain is added or updated, a domain whitelisting task is created. Similarly, when a build is created a build whitelisting task is created. These tasks for an app need to be approved before running an application.
For more details please refer to the Fortanix Confidential Computing Manager User Guide.

How can an application's cert be issued when we deploy an app from the console?

PLATFORM

Key Insight

Data Security Manager™

Confidential Computing Manager

Enclave Development Platform®

Request A demo

Contact Us

Free Trial

SOLUTIONS

AWS KMS External Key Store (XKS)

Google External Key Manager

Bring Your Own Key (BYOK)

HSM Modernization

Multicloud Key Management

Post Quantum Cryptography

Code Signing

Secrets Management

Tokenization Transparent

Database Encryption

Filesystem Encryption

Confidential Data Search

Confidential AI

Healthcare

Banking & Financial Services

Fintech

Manufacturing

Web 3.0

Federal Government

RESOURCES

Blog

Whitepapers

Datasheets

Solution Briefs

Ebooks

Reports

Case Studies

Webinars

University

Media Kit

Newsletters

COMPANY

About

Careerswe’re hiring

Customers

Partners

Awards

Events

Press

News

Services

Support

FAQ

4.6