Pivotal Cloud Foundry CredHub Go App
Updated Apr. 3 2021

CredHub Venafi is a tool to manage certificates in both CredHub and Venafi. The app enables Venafi to create certificates which are stored and validated through Venafi but pushed to the CredHub server.
Business Outcomes
  • Enable InfoSec and AppDev teams to work together effortlessly

  • Gain visibility and intelligence of machine identities in use by CredHub

Integration Features
  • Ensure synchronicity between Venafi and CredHub

  • Perform critical tasks around machine identitiy lifecycle directly from CredHub

Solution Overview

Building attribution is important in CI/CD pipelines for machine attestation. To be successful, future pipelines will require easy-to-manage secrets to secure TLS machine identities. Through sponsorship from the Machine Identity Management Development Fund, New Context has built native integration for the Venafi Platform and Pivotal Cloud Foundry CredHub to provision TLS keys and certificates.

The CredHub-Venafi app allows an organization to use Venafi to manage certificate generation and monitoring within Pivotal Cloud Foundry CredHub for use in Pivotal Cloud Foundry provisioning operations. Centralizing the credentials in Cloud Foundry reduces the risk of leaked credentials and allows to encrypt application credentials without code modifications.