Management of SSL and TLS certificates is a critical part of securing applications and the infrastructure they run on. Certificates and keys identify sites as authentic to visitors and other systems. Successful attacks against them allow attackers to impersonate or severly damage applications and the companies hosting them.
GitLab's goal with PKI Management is to automate the process of managing, maintaining, and rotating the certificates needed to run your applications.
In line with our guiding principles, we strive to inform you when there is a potential issue, such as expired certificates or insecure ciphers being used, so that you can take action. Longer term, our goal is to be able to automatically rotate and update certificates when these types of issues are detected.
Maturity epics are linked under the vision epic and will link to individual issues that get us to our maturity goals.
Our initial MVC will focus on identifying if a GitLab deployed app has an up-to-date SSL certificate in place so that it can safely serve traffic over HTTPS. Then, if certificates are expired or invalid, we will notify and alert you so you can take action.
Gartner has published a solution comparison for PKI which describes several vendors and ways to evaluate PKI providers.
There is no feature available for this category.
The category is very new, so we still need to engage customers and get feedback about their interests and priorities in this area.