Certificate outages don’t happen because teams don’t care — they happen because certificate management is fragmented. Requests live in email threads, renewals are tracked in spreadsheets, and expiration alerts arrive too late or not at all. As Google and the CA/Browser Forum drive certificate lifetimes toward 47 days, organizations running manual processes face an unmanageable renewal workload.
HID Account Certificate Manager brings the full certificate lifecycle — request, approval, renewal, revocation, and expiration monitoring — directly into ServiceNow. Unlike connectors that require a separately licensed CLM platform, ACM is backed by IdenTrust’s managed PKIaaS infrastructure. You get the ServiceNow-native workflow layer and a trusted CA backend in a single solution, with no additional platform to license or maintain.
Critically, ACM manages both publicly trusted certificates and internal private PKI — including native integration with Microsoft Active Directory Certificate Services (AD CS). Most organizations operate two disconnected certificate estates: public certs from a commercial CA, and internal certs issued through AD CS that are poorly monitored and often the source of silent outages. ACM unifies both worlds, extending visibility to non-Windows environments including Linux systems, network infrastructure, IoT devices, and cloud workloads. For the first time, security and operations teams get a single ServiceNow-native view of their entire certificate estate — public and private, Microsoft and non-Microsoft.
Service Portal workflows support both manual approval-based and automated certificate operations. Certificates are inventoried in the CMDB CI Certificate table, expiry notifications fire at 30, 7, and 1 day before expiration, and incidents are automatically created for imminent expirations. Domain separation support ensures secure data segregation at enterprise scale.
-
Backed by IdenTrust managed PKIaaS — no separate CA infrastructure or CLM platform required; publicly trusted certificate issuance is included
-
Unified public and private certificate management — manages both IdenTrust publicly trusted certificates and internal private PKI, including native Microsoft AD CS integration and full support for non-Windows environments: Linux, network devices, IoT, and cloud workloads
-
End-to-end SSL/TLS certificate lifecycle management (request, renew, revoke) via Service Portal, with both manual approval-based and automated workflow paths
-
Centralized inventory of certificate policies and certificates, integrated with the CMDB CI Certificate table
-
Built-in lifecycle dashboards for certificate visibility and operational monitoring
-
Automated expiry notifications at 30, 7, and 1 day before expiration, with automatic incident creation for certificates expiring within 1 day
-
Domain separation support for secure data segregation in multi-tenant environments
-
Customers can now request, renew, and revoke certificates entirely within the ServiceNow Service Portal — with both approval-based and automated workflow paths
-
Full inventory of certificates and policies now centralized in ServiceNow, with CMDB CI Certificate integration for end-to-end asset visibility
-
New lifecycle dashboards give security and ops teams a live view of certificate health, expirations, and policy coverage — without leaving ServiceNow
-
Certificate records are natively linked to the CMDB CI Certificate table, enabling consistent asset tracking and audit trail support
-
Automated expiry alerts fire at 30, 7, and 1 day before expiration — with automatic incident creation for 1-day expirations to prevent outages
-
Enterprise-grade domain separation ensures secure data segregation for multi-tenant and federated organizational structures
Below dependancy should be installed
* CMDB CI Class Models (Min version required 1.80.0)