Security Experts:

Connect with us

Hi, what are you looking for?


Cloud Security

Google Cloud Certificate Authority Service Becomes Generally Available

Google Cloud on Monday announced that its Certificate Authority Service is now generally available.

Google Cloud on Monday announced that its Certificate Authority Service is now generally available.

The Google Cloud Certificate Authority Service (CAS), for which a public preview was announced in October 2020, is designed to help organizations “simplify, automate, and customize the deployment, management, and security of private certificate authorities.”

The CAS, which has already been used by some major organizations, can be integrated with services from Keyfactor, Jetstack, Smallstep, Venafi and AppViewx.

Google says the most important new features made available in CAS are simplified certificate authority (CA) rotation, and improved control over certificate issuance policies.

Other new features and integrations include the addition of Terraform support for managing and configuring CAS, a Hashicorp Vault plugin, and a tutorial for setting up and using CAS.

Google Cloud CAS can be used based on a pay-as-you-go model, but subscription models are available for large-volume customers.

Google also announced that the service is now available in more regions.

“Google Cloud CAS offers a virtually unbounded quota for the total number of issued certificates at a rate that can meet any of modern scales backed by an enterprise grade [service-level agreement], making customer managed deployments very hard to justify,” Google Cloud employees wrote in a blog post.

Related: Google Cloud Unveils New Service for Government Workloads

Related: Google Cloud Unveils Confidential VMs Powered by AMD EPYC Processors

Related: Hackers Compromise Mongolian Certificate Authority to Spread Malware

Related: Google Launches Its Own Root Certificate Authority

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cloud Security

Orca Security published details on four server-side request forgery (SSRF) vulnerabilities impacting different Azure services.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cloud Security

Cloud Disaster Recovery - Ingredients for a Recipe that Saves Money and Offers a Safe, More Secure Situation with Greater Accessibility

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...