Starlink encountered a high-profile outage in April that caused service to go down for several hours. The reason was an expired digital certificate.
Digital certificates have emerged as the currency of digital trust in the hyper-connected world of today. These electronic credentials enable devices to recognize, trust and interoperate with each other. The certificates keep the identity of the holder – computers, websites, individuals, organizations and other entities – tied to the cryptographic key pair used to encrypt and sign information.
“Certificates are the way trust is established between digital connected products,” agrees Mike Nelson, GVP of DigiCert, an authority in digital certificates. “They are the core of establishing immutable identity and encrypting sensitive data that’s moving over wires.”
Until a few years ago, digital certificates were not widely prevalent. Today, there are approximately 55,000 certificates per organization on average.
This is a transformational shift, but the proliferation has left many companies struggling to manage them.
“It’s getting to a point where organizations don’t just need to establish trust, but they need to do better at managing trust and that is where the movement in cryptography and certificates is going right now,” said Nelson.
High volumes, varying periods of validity, and the need for end-of-life replacement make lifecycle management of certificates a jarring process. Any lack of oversight can lead to major security vulnerabilities, non-compliance and disruption of services. Case in point: the Starlink outage.
Certificate management typically entails an iterative workflow of issuance, installation, renewal, remediation and replacement. With certificates becoming an irreplaceable part of digital communication, a new model of management that is designed to establish greater confidence in identities is required to protect data and transactions, Nelson said.
DigiCert was founded on the premise of establishing trust, Nelson said during a presentation at the Security Field Day event in California. “DigiCert has evolved from a provider of SSL public certificates to a comprehensive provider of digital trust solutions that help our customers manage trust.”
DigiCert is deployed to over 3 billion connected devices in the market.
“We play in all critical infrastructure industries,” he said. From satellites to submarines, DigiCert’s certificates are used to ensure trust and integrity in a growing array of devices.
DigiCert ONE is their platform solution that allows implementation and management of PKI solutions from a single point of control. To explain better, Nelson went over a handful of products underpinning the solution and the use cases they serve.
For example, CertCentral, one of the products on DigiCert ONE, combines the steps of issuance, renewal and signing of certificates into one dashboard, essentially simplifying trust lifecycle management.
Also part of the platform is DNS Trust Manager, a tool that ensures uptime by eliminating DNS service outages.
“Most important in the DNS space is availability and reliability, and we have put all of our eggs in that basket to make sure that the service that we provide is the most available, most reliable, and the fastest in the market,” he said.
DigiCert’s IoT security solutions include a small lightweight agent engineered with Mocana’s technology.
Mocana is an embedded security company. “Mocana brought to us the ability to not just provision secrets to devices to establish trust, but also do things like facilitating an update,” he said.
The agent allows users to monitor, manage, secure and update devices remotely.
Another DigiCert product designed to raise security standards in IoT applications and embedded software is the TrustCore SDK. TrustCore SDK is a lightweight software development kit that software engineers can deploy out-of-the-box on devices to add capabilities without having to build them from scratch.
“Software is eating the world. It’s everywhere,” said Nelson. “And the importance of software security in the supply chain is under attack.”
DigiCert’s Software Trust Manager, a core product in the suite, offers capabilities such as security for software signing processes (a growing source of security vulnerabilities in software products), automated key rotation, and scanning features such as binary analysis and vulnerability scanning, a new addition.
“DigiCert is the only product in the market that I know of that does all three from a centralized platform,” said Nelson. “Our customers are loving this capability because it simplifies their vendor selection and workflows, and makes things easier for the engineers working on their teams.”
Watch DigiCert’s full presentation from Security Field Day to learn more about DigiCert ONE.