US Patent 10341327 Enabling secure connections by managing signer certificates

Embodiments provide a system for managing security certificates, thereby enabling secure connections between systems. Embodiments collect data; authenticate to a server comprising a keystore comprising a plurality of certificates and having a server configuration; determine keystore characteristics from the server configuration; and, using the keystore characteristics, verify certificate expiration details. The system may determine that at least one certificate in the keystore has expired; and, in response, remove the at least one expired certificate from the keystore of the server. The system may determine that a certificate has expired; receives expired certificate serial number identifying expired certificate; searches for servers storing copies of the expired certificate; determines servers storing copies of the expired certificate; selects one or more of the servers storing copies of the expired certificate; and removes the expired certificate from the selected servers. The system may add the signer certificate to a keystore of the selected servers.