What is our primary use case?
I work in telecom. I am not only working with Certificate Manager; I am also working with other CyberArk products.
The most important use case for us is certificate inventory, discovery, automation, and lifecycle management of multiple endpoints across multiple platforms. We automate certificates on various platforms, including OpenShift. We are working on Azure migrations. Certificate Manager acts as a central core platform. It provides a view of every application certificate hosted and serves as a central system to implement security governance policies. Certificate Manager acts as the heart of everything we do.
How has it helped my organization?
Its automation capabilities are strong, supported by robust driver setups. Additionally, Certificate Manager training materials and documentation help end users of various technical levels effectively. In a large company like ours, not every user is the same. They do not have the same level of technical understanding. A good thing is that their documentation is good and detailed. You can take a driver and go step by step. It clearly explains to you what you have to configure.
We have reduced 80% to 90% of our outages with Certificate Manager, which impacts the revenue substantially. They have introduced automation for OpenShift through Certificate Manager which has made the lives of developers much easier. Whenever we want to implement some policies, we target only one secret. The developers get to focus on developing their applications. They can spend time on their applications and leave the security for us.
I have done PoCs with multiple vendors. Compared to others, Certificate Manager is a bit advanced. They are three to six months ahead in terms of technology. For Azure integration, they have an out-of-the-box driver. There is no need to spend time. We just need to follow the step-by-step process that they have explained, and that is it. It works.
We previously had an in-house tool that only gave us notifications and reminders. With Certificate Manager, we have consolidated all the principles in a central platform. It helps teams to have a central view of anything. We have also integrated Certificate Manager with a lot of vulnerability management tools to have a central view. We are using reporting to have a central plane of data where every week, anyone can come and see the status.
It helps notify people. It gives a heads-up to the people regarding what is happening in their system for their certificates. It has reduced the overall complexity. We are not where we were five years ago. If we want to change the root certificate altogether, we can just push it from Certificate Manager. We just push the certificate onto the endpoint. Most people are now aware of what is happening with their applications.
The core principle of policies, automation, and notifications has reduced the time for a product to be deployed in production. It helped people understand how to use a certificate and how to configure it.
It has saved time. Previously, if the application team wanted to deploy something, they had to rebuild the code and other things. They used to take two days, which has now been reduced to almost half an hour. Once they configure it, they just push it. Even for OpenShift, the time was reduced from five hours to ten minutes.
What is most valuable?
The most important feature for us is the ease of use. If something is not available, we can develop our own scripts for it. We can create change management around this tool.
We also have a lot of control, such as deciding when our application team wants to push implementations and making detailed reports. We can have reporting for change management, problem management, and lifecycle management. If someone is not renewing on time, we can notify them that this has been scheduled. We can do tracking and have workflows around it. It is easy. We can integrate it with almost everything.
What needs improvement?
The product was really good when it was a Certificate Manager product. However, since its acquisition by CyberArk, there has been a lack of significant innovations. They are pushing for cloud adoption, but we prefer on-premises solutions due to regulatory concerns. They are giving support for cloud-based and SaaS solutions. I would like equivalent support for on-premises ecosystems.
Integrating Certificate Manager with CyberArk's Conjur for centralized secret management is currently challenging for us. Conjur is a central platform where applications can store all kinds of secrets, even certificates, private keys, and passwords in a central location, and that can be distributed everywhere. This integration is crucial for our seamless operations, and we have been awaiting a solution for nearly two years.
Buyer's Guide
Certificate Lifecycle Manager
July 2026
Learn what your peers think about Certificate Lifecycle Manager. Get advice and tips from experienced pros sharing their opinions. Updated: July 2026.
904,836 professionals have used our research since 2012.
For how long have I used the solution?
I have been using the solution since 2021, so it has been almost four years.
What do I think about the stability of the solution?
We encounter hiccups, but 95% of the time, it runs perfectly fine for us.
What do I think about the scalability of the solution?
Scalability is an issue for us, requiring new components or servers for installation. Horizontal scaling is a necessity rather than vertical scaling. However, with a proper ecosystem design, it should not pose significant problems.
How are customer service and support?
We worked directly with Certificate Manager professional support, and our experience was excellent. Their technical support is knowledgeable and helpful, making Certificate Manager stand out among other CyberArk products.
Which solution did I use previously and why did I switch?
We initially had our own in-house component for lifecycle management, but it was not effective. We developed our own scripts, but they did not fulfill all our needs. This led us to adopt Certificate Manager.
How was the initial setup?
I was responsible for choosing and deploying this solution. Its initial setup is straightforward, but they have to improve the upgrade process. In a distributed network, you have machines everywhere, and it takes time. They have improved it a bit, but sometimes it is better to do it server by server.
Overall, it is easy. You just have to install the package on a server. That is it. You can enforce policies. All CyberArk products are like this.
After we started using the product, we saw its value within nine months. The shorter the certificate lifecycle, the more apparent the benefits. We have policies that allow us to realize the value within approximately nine months.
We took approximately three to four months to prepare the setup for automation. It took about eight to nine months for all the teams to get used to it. In a year, it was completely in production and operational mode. The application team started using the automation principles and following the self-service model. Our team is not involved in anything. People come and have a certificate. They do their automation on their own.
It does not require any maintenance. If you have implemented it well, It just keeps running. You have to build your process around it. We planned it and got it reviewed by Certificate Manager. We are following the best standards and best practices of the industry. We upgraded it in November, and so far, we have not touched anything. It is just running on the latest version.
What about the implementation team?
We worked directly with Certificate Manager professional support.
What was our ROI?
Measuring benefits or returns in security is challenging for us. We reduced outages by 80% but quantifying that in terms of revenue saved is difficult, as each outage has its unique value.
What's my experience with pricing, setup cost, and licensing?
The pricing has increased for us, impacting our organization due to its operational expenditure (OPEX). The pricing model is complex, considering factors beyond the number of certificates. This complexity can make our payments to Certificate Manager challenging if costs continue to rise. It is good but more expensive than the competitors.
Which other solutions did I evaluate?
We conducted a proof of concept with two vendors aside from Certificate Manager. The ease of use, responsiveness, and accuracy made Certificate Manager stand out. Certificate Manager reliably executed tasks and provided feedback. That gave it an edge over other products. However, now, Certificate Manager lacks innovation which seems to be an issue with all CyberArk products.
What other advice do I have?
To someone who is looking into Certificate Manager but already has a legacy solution in place, I would recommend going for Certificate Manager. It helps understand the ecosystem and enforce policies. You can have visibility into all the certificates and automation with the cloud and on-premises solutions. Integration is easy and straightforward.
You should understand how teams are organized in your company before starting with Certificate Manager because everything is based on permission sets. After identifying the teams, you can prepare policies for them and integrate them with Certificate Manager.
Overall, I would rate Certificate Manager an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.