Getting started
Next-Gen Trust Security helps you monitor, organize, and act on certificates that already exist in your environment. The focus is on visibility, risk identification, and manual certificate lifecycle actions through the UI.
This page helps you orient yourself and find the right starting points in the product.
Start with visibility
Begin by reviewing the current state of your certificate inventory.
- TLS Certificates dashboard: Use the dashboard to get a high-level view of certificate health, including expired and expiring certificates. From the dashboard, you can drill into filtered views of the certificate inventory to investigate issues.
- Certificate inventory: The certificate inventory is the central place to view all certificates available to you. From here, you can search, filter, and open individual certificates to review details and take action.
Organize and analyze certificates
Once you understand what certificates are present, you can organize and analyze them to focus on what matters most.
- Tag certificates: Use tags to group certificates by application, team, environment, or purpose. Tags make it easier to filter the inventory and manage ownership.
- Use reports: Use built-in and custom reports to review certificate usage, expiration trends, and other certificate-related data directly in the UI.
Take action on certificates
From the certificate inventory, you can perform manual lifecycle actions to reduce risk and prevent outages.
Common actions include:
- Renewing certificates
- Revoking certificates
- Retiring or recovering certificates
- Reviewing certificate history and related events
Review activity and changes
Use the event log to understand who performed actions in the system and when.
You can filter events to review certificate-related activity, administrative changes, or authentication events as part of troubleshooting or security reviews.
About permissions and setup
Some features described here require administrator permissions. If you cannot access a feature, contact your administrator.
Configuration, integrations, and automated workflows are managed outside of Next-Gen Trust Security and are not covered in this documentation.
What’s next
Most users start with the TLS Certificates dashboard and the certificate inventory, then move on to tagging, reporting, and event review as needed.