Skip to content
Deepak Gupta markThe Identity Map

The Identity Map / PKI/CLM

PKI & Certificate Lifecycle Management

Issuing, discovering, and renewing TLS certificates and cryptographic keys: machine identity at the protocol layer.

Every TLS handshake, code signature, and mutual-auth connection rests on a certificate, and an expired or rogue one takes services down or opens a breach. PKI and certificate lifecycle management platforms issue, inventory, and auto-renew those credentials at machine scale. Shorter certificate lifetimes and the coming migration to post-quantum cryptography are turning this once-sleepy branch into a priority.

Top picks

Venafi (CyberArk) · Keyfactor · DigiCert · AppViewX · Sectigo

8 vendors on this branch

Venafi

Acquired

USA

Machine identity / cert lifecycle

Acquired by CyberArk

View full profile

Keyfactor

Top pick

USA

PKI + cert lifecycle automation

EJBCA open source

View full profile

DigiCert

Top pick

USA

TLS/PKI, cert management

CA + CLM

View full profile

AppViewX

Top pick

USA

Cert lifecycle + machine identity

Automation

View full profile

Sectigo

Top pick

USA

CA + certificate management

Certificate authority

View full profile

GlobalSign (GMO)

USA / Belgium

CA, PKI, IoT identity

Certificate authority

View full profile

HID Global

USA

Identity & PKI, credentials

Physical + digital

View full profile

Smallstep

Open source

USA

Automated PKI / device identity

Open-source roots

View full profile
Looking for deep, evaluated profiles in this category? Browse every PKI/CLM vendor on startwithidentity.com.