.png){kind=logo}
Introduction and architecture
Keyfactor’s Command SaaS is a cloud-based Certificate Lifecycle Management platform that enables organizations to gain visibility into, quantify, and manage their identity assets. The platform is designed to integrate with a third-party Certificate Authority (CA) for certificate issuance.
Deployment architecture
Notes:
Access to the Portal and Command requires allowlisted IP addresses. An Admin adds the IP address within the SaaS Portal. During deployment, the user is prompted to add the first IP address. This requirement applies to both users and Orchestrators communicating with Command.
Each Command SaaS deployment supports a single third-party CA connection, which must be selected during the deployment process.
When reviewing the Command documentation, it is important to note that Command SaaS is not configured through Active Directory.
Command is preconfigured to establish secure communication with your CA. The configured Certificate Authority in Command, as well as the CA Gateway configuration, must not be deleted. These elements are critical for secure integration and cannot be restored without intervention from support.
When using DigiCert, ensure that the CA Template Name field matches the “Name:” value listed in the DigiCert portal for the organization. This alignment is required for successful certificate enrollment.