Key Manager Plus

Key Manager Plus 2017-10-12T16:39:00+00:00

Web-based SSH Key and SSL Certificate Management Solution for Enterprises

ManageEngine Key Manager Plus is a web-based key management solution that helps you consolidate, control, manage, monitor, and audit the entire life cycle of SSH (Secure Shell) keys and SSL (Secure Sockets Layer) certificates. It provides visibility into the SSH and SSL environments and helps administrators take total control of the keys to preempt breaches and compliance issues.

What Problems Does ManageEngine Key Manager Plus Solve?

Safeguarding data in transit has always been a big challenge for security administrators. While SSH keys have helped organizations ensure security in remote administrative access and data transfer, digital keys present some unique challenges.

Usually, SSH keys are left unmonitored and unmanaged, making organizations vulnerable to cyber attacks. In the absence of an automated system, getting the list of all the keys in use, finding and restricting access privileges, and ensuring periodic rotation is a herculean task.

Similarly, managing a Secure Socket Layer (SSL) environment can be daunting when organizations use a large number of SSL certificates issued by different vendors with varying validity periods. On the other hand, SSL certificates left unmonitored and unmanaged could expire, or rogue/invalid certificates could be used. Both scenarios could lead to service downtime or display of error messages that would destroy customer trust in data security and, in extreme cases, even result in security breaches.

ManageEngine Key Manager Plus has been designed to solve all these issues and serves a one-stop solution for managing all digital identities.

SSH Key Management With Key Manager Plus


Discover SSH systems in the network, enumerate users, and private keys.

Consolidate and Store

Consolidate all discovered SSH keys in a secure, centralized repository.

Create and Deploy

Create new key pairs, associate with users, and deploy on target systems.

Rotate Keys Periodically

Rotate key pairs automatically at periodic intervals.

View Key User Relationship

Get a holistic view of the key to user relationship across the organization.

Launch Direct Connection

Launch a direct SSH connection with target systems.

Audit and Track

Audit and track all user activities and generate reports.

Restrict and Regulate Access

Associate specific resources to users and establish granular access controls.

Ensure Compliance

Manage SSH keys better, comply with regulations such as SOX, FISMA, PCI, and HIPAA.

Configure Key Management Policy

Enforce policies for key creation. Remove all existing keys for a fresh start or append new keys.

Active Directory Integration

Import users / user groups from Windows Active Directory and also leverage the authentication mechanism.

Schedule Database Backup

Provision for scheduled backup of entire database for disaster recovery.

SSL Certificate Management With Key Manager Plus


Discover all SSL certificates deployed in the network.

Centralized Inventory

Consolidate all discovered certificates in a secure, centralized repository.

Track Certificate Details

Track the name of the CA, date of issue, encryption algorithm, key length and other vital details.

Control Certificate Signing Requests

Centrally control new Certificate Signing Requests (CSR) process. Get ready-to-use CSR data files.

Expiration Alerts

Receive alerts about the certificates that are about to expire.

Ensure Compliance

Ensure usage of strong encryption algorithms key lengths. Identify and eliminate weak ones such as SHA-1 certificates.

Benefits of Key Manager Plus

  • Gain complete visibility of all SSH keys and SSL certificates present in the organization and achieve centralized control.
  • Remove all existing public key-user trust relationships and generate new key pairs. Deploy the new public keys to users in bulk with just a couple of clicks.
  • Tighten security by periodically rotating keys and prevent their misuse.
  • Launch direct connections to remote devices by using the keys present in Key Manager Plus, saving time and enhancing productivity.
  • Delete any unwanted keys from the database, terminate access immediately, and prevent violations by obsolete accounts.
  • Get customizable, recurring notifications when the validity of an SSL certificate is about to expire.
  • Eliminate service downtime or display of error messages due to expired/invalid/rogue SSL certificates.


Supported platforms for product installation Windows, Linux

Authentication : Local, Active Directory (for Windows)

Supported SSH version : v2

Backend database : PostgreSQL (bundled with the product)

Discovery : Agentless

Supported protocols : RSA (1024/2048/4096 bit) and DSA (1024 bit)