Pivotal Cloud Foundry CredHub Adaptable

The Venafi-CredHub Adaptable Device Driver creates an integration point between the Venafi Platform and the Pivotal Cloud Foundry CredHub server by enabling Venafi to create certificates which are stored and validated through Venafi but pushed to the CredHub server.
Business Outcomes
  • Gain visibility and intelligence around machine identities in use by Pivotal CredHub

  • Enable InfoSec and AppDev teams to work together effortlessly

Integration Features
  • Fully automate renewal and provisioning of certificates from Venafi to Pivotal CredHub

  • Onboard-discovery provides a complete machine identity inventory from the start

Solution Overview

Building attribution is important in CI/CD pipelines for machine attestation. To be successful, future pipelines will require easy-to-manage secrets to secure TLS machine identities. Through sponsorship from the Machine Identity Management Development Fund, New Context has built native integration for the Venafi Platform and Pivotal Cloud Foundry CredHub via an Adaptable Application driver to provision TLS keys and certificates.

The Pivotal Cloud Foundry CredHub and Venafi Adaptable Application Driver allows an organization to use Venafi to manage certificate generation and monitoring, and to push those certificates to Pivotal Cloud Foundry CredHub for use in Pivotal Cloud Foundry provisioning operations. Centralizing the credentials in Cloud Foundry reduces the risk of leaked credentials and allows application credentials to be encrypted without code modifications.