What is Polling?
The Jellyfish Polling feature enables the gathering of certicicates from the CA directly.
This can be used to bring:
- certificates not issued through Jellyfish under management;
- as a transition to Jellyfish mechanism for existing PKI deployments; or
- as a transition of CA types into Leviathan CA, which is a performance and scale oriented CA built into Jellyfish
Where this can also be useful is where an CA (such as an AD CS CA) is specified that issues certificates directly. In this instance poling allows for these certificates to be brought under management so that an accurate count of certificates and all of their attributes. This in turn allows for them to be searched, revoked and reported on. They can also be exported.
How does Polling work?
Polling works differently depending on the CA type. For instance when used with AD CS, polling works on Active Directory, by querying certificates directly using the Microsoft Native certificate database interfaces. For UniCERT Jellyfish Polling uses UPI where installed or direct DB integration where this is not an option and the REST API when doing this for EJBCA for instance. As much Jellyfish relevant data is extracted as possible and fed into the Jellyfish solution for analysis, search, and reporting.
Polling can be used in both on-premise deployments and as part of a SaaS cloud system. Using polling for SaaS is particularly useful when customers have an older CA and want to switch to a Jellyfish CA while still retaining all the information from their old CA for historic record purposes.
Ability to capture all certificates from any source within Microsoft Active Directory.
Ability for enhanced licensing capabilities. Given templates from the CA are configured in Jellyfish, relationships to templates CAs, and costs will persist in Jellyfish as if they were a native Jellyfish cert.
Ability to control how far back polling will search, and from which serial number to begin with. Rollback to re-poll a CA a second time (without causing duplications in Jellyfish), resumption to continue from where it has left off, complete reset of progress to poll a CA as if it has not been seen before.
Use of the powerful Jellyfish search to find certificates with matching criteria.
Use of the Jellyfish notification system to keep you up to date on the lifecycle of your Jellyfish certificates.