Download the TLS Server Certificate Management Practice Guide

NIST

NCCoE UPDATES

Final TLS Server Certificate Management Practice Guide is Available

TLS Server Certificate Management

 

We are pleased to inform you that the final edition of the National Institute of Standards and Technology’s Special Publication 1800-16, Securing Web Transactions: Transport Layer Security (TLS) Server Certificate Management, is now available.

TLS is the most widely used protocol for securing web transactions and other communications on internal networks and the internet, and helps to protect an organization’s data, privacy, and overall operational security.

Protect Your Organization

The TLS Certificate Management guide is organized in four volumes at different levels of technical detail and provides a roadmap to help executives, chief information security officers, system administrators, and information technology professionals create and implement a server certificate management plan. Volume A provides an executive summary; Volume B covers security risks and recommended best practices; Volume C explains what we did and why, and features a security control map that maps the security characteristics of the example solution to existing cybersecurity standards and best practices; and Volume D is the “how-to” portion of the guide, which helps users replicate all or parts of the build created in our lab.

Some organizations may have tens of thousands of certificates, but many lack a plan to manage them. This puts them at a higher risk for system outages and security breaches, which can result in:

  • Revenue loss
  • Harm to reputation or brand
  • Loss of privacy
  • Exposure of confidential data to attackers

We are grateful to our technology collaborators, DigiCert; F5; Symantec, a Division of Broadcom; Thales; and Venafi, for their many contributions of time and resources, which have culminated in the publication of the final guide.

Download the Free Guide

The guide is available for download in its entirety or by individual volume. If you have feedback on how the guide helped you establish and/or refine a formal TLS server certificate management program within your organization, please share it with us, or send an email to tls-cert-security-nccoe@nist.gov.

Yours in security,

-The TLS Server Certificate Management Project Team 

National Cybersecurity Center of Excellence