Web-based SSH Key and SSL Certificate Management Solution for Enterprises

ManageEngine Key Manager Plus is a web-based key management solution that helps you consolidate, control, manage, monitor, and audit the entire life cycle of SSH (Secure Shell) keys and SSL (Secure Sockets Layer) certificates. It provides visibility into the SSH and SSL environments and helps administrators take total control of the keys to preempt breaches and compliance issues.

What Problems Does ManageEngine Key Manager Plus Solve?

Safeguarding data in transit has always been a big challenge for security administrators. While SSH keys have helped organizations ensure security in remote administrative access and data transfer, digital keys present some unique challenges.

Usually, SSH keys are left unmonitored and unmanaged, making organizations vulnerable to cyber attacks. In the absence of an automated system, getting the list of all the keys in use, finding and restricting access privileges, and ensuring periodic rotation is a herculean task.

Similarly, managing a Secure Socket Layer (SSL) environment can be daunting when organizations use a large number of SSL certificates issued by different vendors with varying validity periods. On the other hand, SSL certificates left unmonitored and unmanaged could expire, or rogue/invalid certificates could be used. Both scenarios could lead to service downtime or display of error messages that would destroy customer trust in data security and, in extreme cases, even result in security breaches.

ManageEngine Key Manager Plus has been designed to solve all these issues and serves a one-stop solution for managing all digital identities.

SSL Certificate Management
SSH Key Management


Discover all SSL certificates deployed in the network.

Centralized Inventory

Consolidate all discovered certificates in a secure, centralized repository.


Discover SSH systems in the network, enumerate users, and private keys.

Consolidate and store

Consolidate all discovered SSH keys in a secure, centralized repository.

Deploy Certificates

Deploy newly acquired certificates to their respective domain servers.

Certificate Expiration Alert

Receive alerts about the certificates that are about to expire.

Create and deploy

Create new key pairs, associate with users, and deploy on target systems.

Rotate keys periodically

Rotate key pairs automatically at periodic intervals.

Wildcard deployment details

Get a holistic view of all wildcard certificates deployed in your organization.

Let's Encrypt integration

End-to-end certificate life cycle management with Let's Encrypt.

Launch direct connection

Launch direct SSH connection with target systems.

View key user relationship

Get a holistic view of the key to user relationship across the organization.

Manage Active Directory user certificates

Discover, track and manage certificates mapped to user accounts in the Active Directory

Manage certificates in MS Certificate Store

Discover, track and manage certificates from Microsoft Certificate Store.

Push keys

Push private keys to remote user accounts.

Configure key management policy

Enforce policies for key creation. Remove all existing keys for a fresh start or append new keys.
Common features

Scheduled database backup

Provision for scheduled backup of entire database for disaster recovery.

Active Directory Integration

Import users / user groups from Windows Active Directory and also leverage the authentication mechanism.

Restrict and regulate access

Associate specific resources to users and establish granular access controls.

Alerts and Audits

Audit and track all user activities and generate

Ensure compliance

Manage SSH keys better, comply with regulations such as SOX, FISMA, PCI, and HIPAA.

Canned reports

Instant, comprehensive reports on all key management activities.

Benefits of Key Manager Plus

  • Gain complete visibility of all SSH keys and SSL certificates present in the organization and achieve centralized control.
  • Remove all existing public key-user trust relationships and generate new key pairs. Deploy the new public keys to users in bulk with just a couple of clicks.
  • Tighten security by periodically rotating keys and prevent their misuse.
  • Launch direct connections to remote devices by using the keys present in Key Manager Plus, saving time and enhancing productivity.
  • Delete any unwanted keys from the database, terminate access immediately, and prevent violations by obsolete accounts.
  • Get customizable, recurring notifications when the validity of an SSL certificate is about to expire.
  • Eliminate service downtime or display of error messages due to expired/invalid/rogue SSL certificates.



Manage upto 50 keys

Valid for 30-days. Automatically turns into free edition at the end of the trial.


Valid forever
Manage upto 5 keys


Licensing is based on the number of managed keys