3 of 3 people found this helpful
We have a similar idea, but we're looking to track them in the BMC_Document Class of the CMDB with a categorization to reflect what they are (e.g. signed by our internal CA or an external one) then linked back to where they are used. The latter part of that is a little fuzzy, because while it might be straight-forward to relate it to an instance of Tomcat that it resides on, for example, when you add in load balancers and such it becomes a little more tricky.
Using BMC_Document is an interesting idea. Are you going to customize this class to add fields to record information like expiration date, renew date, certificate authorite name, etc..
What do you think about using them like a contract?
Thank for sharing your thoughts.
Thank Stephan for pointing to those discussion
We still haven't mapped out the attributes yet. The majority of our SSL certificates are signed by our internal CA, since we require SSL for all internal apps, so the contract idea would only be for the external ones. We're actually looking into putting a new date field on Computer Systems that we may want to instead add to Base Element because it could be re-used in this situation and for others. This is getting a little bit off topic but we want to be able to have a date field to easily track when a Computer System is up for replacement, but then we started thinking that it may apply to other things such as SSL certificates in this case.