Comodo Certificate Manager

Simple, Automated & Robust Management

Comodo Certificate Manager (CCM) takes the complexity, cost and time out of managing digital certificates.

Through a cloud-based platform CCM enables businesses to have complete visibility and lifecycle control over any certificate in their environment along with the tools, support and capabilities to reduce risk, quickly respond to threats and control operational costs. With Comodo CCM customers receive the most advanced certificate management solution available along with industry leading 24x7 support backed by the #1 leading brand* in digital certificates.

Manage All Certificate Types From a Single Platform

Multi-Domain Certificates

Private Authority (PA) Certificates

Organization Validation (OV) Certificates

Wildcard Certificates; Device Certificates

Extended Validation (EV) Certificates

Self-signed Certificates

Code Signing

EV Code Signing Certificates

S/MIME Email Certificates

Certificate Discovery

Comprehensive scanning to discover all certificates in your environment regardless of the CA.

Built into the cloud-based console, the certificate discovery feature enables an organization to:

  • Quickly scan your private and public networks.
  • Detect all SSL/TLS certificates currently in use regardless of the issuing Certificate Authority (CA).
  • Identify important configuration details.
  • Present the data back to you in an organized, intuitive management dashboard.
  • Receive custom notifications for in-console alerts or by email.
  • Create detailed reports that include upcoming expirations, key length, hashing algorithms, and more.
  • Prevent down time from unexpected expirations with notices through email notifications and console alerts.

When administrators have real-time visibility, they can make the right decisions and take the necessary actions to protect their environment.

Certificate Discovery also provides tools and guides so that enterprises can mitigate the risks of non-compliance, maintain industry best practices and adhere to corporate and compliance policies. Standard and customized reporting also includes security and vulnerability ratings on all SSL/TLS certificates, helping administrators quickly identify and take corrective actions.

Comodo CA CCM Certificate Discovery
Certificate Lifecycle Management


Full control, visibility and simple management for issuing, installing, remediating and renewing certificates

Network environments are continually expanding to include new secure web-based projects; ensuring a secure web environment means more demands on managing certificates. Managing multiple certificates with different expiration dates (including ones issued by different vendors) creates challenges for even the most sophisticated enterprise. 

For enterprises with a large web environment, the process of managing the lifecycle for every SSL certificate can lead to oversight, manual errors, improper configuration, weak ciphers, and unintended expirations. CCM reduces these risks by ensuring complete lifecycle management for all enterprise web assets.

CCM lifecycle management capabilities include:

  • Instant Issuance - Instantly issue, DV, OV, or EV SSL certificates for every pre-validated domain. Role-based user access enables individuals or teams the ability to issue certificates across the organization
  • Configuring & Installation - Automatic configuration and installation of certificates using SCEP, REST, or EST to automate certificate deployment across the network.
  • Remediation - Real-time alerts enable administrators the ability to spot potential weaknesses and remotely fix or revoke certificates on demand.
  • Renewals - Certificates can be manually renewed set for automatic renewal to avoid unintended expirations or downtime.


Simplify issuance and deployment and spend less time manually managing certificates. Automation in website security helps enterprises maintain control while keeping secure and compliant.

Workflow automation has become a necessity for administrators and it enables them to:

  • Save time
  • Reduce costs
  • Minimize human errors
  • Improve business efficiency

Through the CCM, API administrators can integrate directly into the platform and automate processes of the certificate lifecycle including purchasing, renewing, installing, revoking, or updating certificates across their entire environment.

  • Provide critical detection for misconfigured certificates
  • Identify potential security vulnerabilities
  • Assign each certificate and server a grade
  • Receive remediation action plans, as needed
Comodo CA CCM Automation

Private Certification Authority Service

Issue & manage private SSL certificates in CCM

Private CA is a feature in CCM providing enterprises with a low-cost way to secure and manage their private intranet certificates while adhering to corporate and industry compliance standards. Through the CCM platform administrators can issue, view and manage their intranet certificates in addition to their Comodo CA certificates --  all from a single platform to avoid risks, errors, or hidden costs that can be associated with self-signed certificates.

Common uses for private certificates include:

  • Intranet sites
  • VPN or wireless authentication
  • Device identification – mobile device deployments or BYOD
  • Internet of Things (IoT) projects
  • Securing communications between internal services

Code Signing in the Cloud

Secure and manage code signing certificates in the Comodo CCM PKI infrastructure

Code Signing certificates are used by software developers to digitally sign applications and software programs to prove that the file a user is downloading is genuine and has not been compromised. This is especially important for publishers who distribute their software through third-party download sites, which they may have no control over. Major operating systems will show end users an error message if the software they are trying to install is not signed by a trusted CA.

The CCM platform has both a hosted and cloud based service that provides a fast and simple interface through which developers can upload, sign and quickly collect their signed software. 

  • Ensure certificate keys are securely stored and available only to authenticated user
  • Help mitigate the risk of accidental loss or theft 
  • Protect users from downloading compromised software.

CCM is also capable of hash signing; developers can upload a hash of their files for signing instead of the file itself. The developer would then need to embed the hash with their files. Can be used to sign:

  • .EXE
  • .JAR
  • .DLL
  • .APK
  • .CAB
  • .WAR
  • .MSI
  • Android applications
  • .OCX
  • .SYS

Contact Us