Automatic Enrolment Module | CogAE
Automatic enrolment Module (Let’s Encrypt) | CogAE-LE
The LetsEncrypt Proxy feature provides the ability to capture all certificates issued or renewed from the free Let’s Encrypt Certificate Authority, which can be leveraged for globally trusted external web-server certificates. Any issued certificates found by the proxy are sent to Jellyfish, giving you oversight into which LetsEncrypt certificates and domain names are being used within your environment.

The LetsEncrypt Proxy does not interfere with any of the communication between the client and LetsEncrypt services, allowing you to utilise whichever LetsEncrypt client implementation you desire. In addition, by proxying all traffic through our service, you can ensure that all outbound LetsEncrypt traffic is managed and easily auditable through your network.

The vide shows an example Linux server requesting a LetsEncrypt certificate, the creation of the DNS TXT record that LetsEncrypt requires, and the resultant certificate shown in Jellyfish. Behind the scenes, the issued certificate is simply captured by our proxy service and sent over to Jellyfish, all without interfering with the client/server issuance process.

 

Automatic Enrolment Module (SCEP) | CogAE-SCEP
Autoenrolment module for Linux allows Linux machines to auto enrol and renew digital certificates. The module leverages Simple Certificate Enrolment Protocol and Certmonger to achieve certificate request and enrolment. All certificates issued can be viewed and managed by using Jellyfish management console.

The process uses a few lines of commands which could be combined into server build and configure scripts to automatically enrol and configure certificates for webservers and other services running on Linux. The first part of the video is showing a low privilege user logging into Jellyfish then requesting a SCEP certificate for their Linux machine. The video then shows a high-privilege user logging in and viewing then approving the users request. The original user that requested the certificate is then sent instructions on how to request a certificate on their Linux box. The second part of the video shows a user requesting a certificate using the instructions sent to them. This also shows a full data dump of the certificate.

Automatic Enrolment Module (Windows) | CogAE-WIN
Jellyfish’s autoenrollment module for Windows allows auto enrol renew of digital certificates on Windows machines for both Machine and User certificates including smartcard and virtual smartcard. Jellyfish’s card management module allows virtual smartcards to be created in managed or unmanaged mode. In managed mode admins have the ability to manage the full lifecycle of virtual smartcard like creation, PIN reset and destruction. This particular video shows the process of unmanaged virtual smartcard creation and certificate enrolment. All issued certificates can be viewed and managed from Jellyfish’s management console.