SSLMate API Key
Service Name: SSLMate
Service Description: SSLMate is a service that allows businesses to purchase, manage, and automate SSL/TLS certificates. It provides tools for certificate management, monitoring, and automation through its API.
Service Address: https://sslmate.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured in the SSLMate account settings
Secret Access Scope: Grants programmatic access to SSLMate API for certificate management, including purchasing, renewing, and revoking SSL certificates.
Secret Revokement URL: https://sslmate.com/account/api_credentials
Secret Example: sm_api_ZXhhbXBsZWtleWZvcnNzbG1hdGVhcGlrZXk
Suspicious Activity Investigation Instructions:
- Review SSLMate account logs for unusual certificate issuance or management activities
- Check for unauthorized certificate purchases or renewals
- Monitor for unexpected certificate revocations
- Verify if there are any certificates issued for domains not owned by your organization
- Review API access logs for unusual patterns or access from unexpected locations
Mitigation Instructions:
- Log in to your SSLMate account at https://sslmate.com/account
-
Navigate to API Credentials section
-
Revoke the compromised API key by clicking the "Revoke" button next to it
- Generate a new API key if needed
- Update all applications and services using the old API key with the new one
- Consider implementing IP restrictions for API access if not already in place
- Review and update access controls for who can view and use API credentials
- Enable notifications for certificate issuance and other important events