Digital certificate

A cryptographic credential issued for a defined period that can be used to prove identity during authentication. It supports stronger, time-bound access control, but only when issuance, renewal, and revocation are managed as part of the identity lifecycle.

Expanded Definition

A digital certificate is more than a signed file. In NHI security, it is a time-bound trust artifact that binds a public key to an identity assertion, enabling systems to authenticate workloads, services, and devices without human interaction. Its value comes from the surrounding lifecycle: issuance, binding, renewal, revocation, and auditability.

Definitions vary across vendors on whether certificates are treated as standalone credentials or as one component of broader machine identity governance. NHI Management Group treats them as an identity control surface because certificates often represent the most visible enforcement point for workload trust. That perspective aligns with IETF RFC 5280, which specifies the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List Profile, and with the broader trust objectives of the NIST Cybersecurity Framework 2.0.

A certificate proves only that its issuer bound a public key to a name for a stated validity period. The most common misapplication is treating it as proof of durable identity, which happens when relying parties check the signature once and then ignore expiry, revocation, and ownership changes.

Examples and Use Cases

Implementing digital certificates rigorously often introduces operational overhead, requiring organisations to weigh stronger cryptographic assurance against lifecycle complexity and renewal risk.

  • Mutual TLS between microservices uses certificates to authenticate both endpoints, reducing reliance on shared secrets.
  • CI/CD runners and build agents present short-lived certificates so deployment tools can verify trusted execution without storing long-lived API keys. The CI/CD pipeline exploitation case study shows why pipeline trust must be tightly controlled.
  • Internal service meshes issue certificates automatically to workloads so east-west traffic can be encrypted and authenticated at scale.
  • Device identity programs use certificates to distinguish managed hardware from unmanaged endpoints before granting access to internal resources.
  • Certificate authorities and revocation checks support decommissioning when a workload is retired or a private key is suspected to be exposed, a pattern frequently discussed in the Ultimate Guide to NHIs — What are Non-Human Identities.

Because certificate trust is often embedded deep in application flows, teams usually discover weak inventory or stale issuance only when automation fails or access breaks unexpectedly.
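The use cases above, and the warning about treating a certificate as durable identity, come down to what the relying party checks each time a workload presents its certificate. The following Go program is an added example, not code from this page or from NHI Management Group; it uses only the standard library's crypto/x509 (Go 1.21 or later for x509.RevocationListEntry) and runs offline. It builds a constructed private CA, issues a one-hour workload certificate bound to a SPIFFE-style URI SAN, publishes a CRL, and then makes the authentication decision under four conditions. The CA name, the workload URI, the serial numbers and the scenario names are assumptions for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net/url"
	"time"
)

// Constructed fixture, not a real deployment: the CA name and SPIFFE-style workload URI are assumptions.
const workloadID = "spiffe://example.internal/ns/payments/sa/api"

func must[T any](v T, err error) T { // fixture setup failures (key generation, signing) are bugs here
	if err != nil {
		panic(err)
	}
	return v
}

// issue signs tmpl for a fresh P-256 key and re-parses the result so the verifier works on wire bytes.
// A nil signer means self-signed: the new key signs its own template (the CA case).
func issue(tmpl, parent *x509.Certificate, signer *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	if signer == nil {
		signer, parent = key, tmpl
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, key.Public(), signer))
	return must(x509.ParseCertificate(der)), key
}

// issueCRL publishes the serials the CA no longer vouches for (key exposure, decommissioned workload).
func issueCRL(ca *x509.Certificate, caKey *ecdsa.PrivateKey, revoked []int64, now time.Time) []byte {
	tmpl := &x509.RevocationList{Number: big.NewInt(1), ThisUpdate: now, NextUpdate: now.Add(time.Hour)}
	for _, s := range revoked {
		tmpl.RevokedCertificateEntries = append(tmpl.RevokedCertificateEntries, x509.RevocationListEntry{SerialNumber: big.NewInt(s), RevocationTime: now})
	}
	return must(x509.CreateRevocationList(rand.Reader, tmpl, ca, caKey))
}

// authenticate is the relying party's decision, re-derived on every call; any failed check denies.
func authenticate(leaf, ca *x509.Certificate, crlDER []byte, expectedID string, now time.Time) error {
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	opts := x509.VerifyOptions{Roots: roots, CurrentTime: now, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	if _, err := leaf.Verify(opts); err != nil { // chain and validity window at this instant, not at issuance
		return fmt.Errorf("chain/validity: %w", err)
	}
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return fmt.Errorf("bad CRL: %w", err)
	}
	if err := crl.CheckSignatureFrom(ca); err != nil || now.After(crl.NextUpdate) { // fail closed on a forged or stale CRL
		return fmt.Errorf("CRL untrusted or stale (signature: %v, nextUpdate: %s)", err, crl.NextUpdate.UTC().Format(time.RFC3339))
	}
	for _, e := range crl.RevokedCertificateEntries {
		if e.SerialNumber.Cmp(leaf.SerialNumber) == 0 {
			return fmt.Errorf("serial %s is revoked", leaf.SerialNumber)
		}
	}
	if len(leaf.URIs) != 1 || leaf.URIs[0].String() != expectedID { // binding: the SAN must be the identity policy expects
		return fmt.Errorf("identity mismatch: got %v, want %s", leaf.URIs, expectedID)
	}
	return nil
}

// RunScenarios puts one certificate through changing time, revocation state and policy.
// A nil value means the relying party authenticated the workload; anything else is the denial reason.
func RunScenarios() map[string]error {
	now := time.Now()
	ca, caKey := issue(&x509.Certificate{ // self-signed issuer allowed to sign certificates and CRLs
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Workload CA"},
		NotBefore: now.Add(-time.Minute), NotAfter: now.Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}, nil, nil)
	leaf, _ := issue(&x509.Certificate{ // one-hour workload certificate; its private key is not needed here
		SerialNumber: big.NewInt(1001), NotBefore: now.Add(-time.Minute), NotAfter: now.Add(time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
		URIs:         []*url.URL{must(url.Parse(workloadID))},
	}, ca, caKey)
	clean, revoking := issueCRL(ca, caKey, nil, now), issueCRL(ca, caKey, []int64{1001}, now)
	return map[string]error{
		"fresh cert, not revoked":                    authenticate(leaf, ca, clean, workloadID, now),
		"same cert two hours later":                  authenticate(leaf, ca, clean, workloadID, now.Add(2*time.Hour)),
		"same cert after revocation":                 authenticate(leaf, ca, revoking, workloadID, now),
		"same cert, policy expects another workload": authenticate(leaf, ca, clean, workloadID+"-batch", now),
	}
}

func main() {
	for name, err := range RunScenarios() {
		fmt.Printf("%-45s -> %v\n", name, err) // <nil> means the workload was authenticated
	}
}
```

The same certificate bytes are accepted in the first scenario and refused in the other three, which is the practical meaning of "time-bound trust artifact": the verifier owes the certificate nothing beyond the instant it checks it. Two design choices are worth noting. The CRL is treated as untrusted if it is stale or not signed by the issuer, failing closed rather than silently skipping revocation; in production the CRL or OCSP response would be fetched and cached with its own freshness bound. And the identity check compares the URI SAN against what policy expects for this peer, because a valid chain only proves the CA signed something, not that this workload is the one the caller meant to talk to.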

Why It Matters in NHI Security

Certificates are central to machine identity because they often become the enforcement point for Zero Trust access, workload authentication, and service-to-service trust. When they are unmanaged, organisations lose visibility into which non-human identities are trusted, where they are used, and how quickly they can be revoked. That creates direct exposure in secrets sprawl, lateral movement, and outage scenarios.

NHI Management Group research shows that NHIs outnumber human identities by 25x to 50x in modern enterprises, which means certificate governance has become a scaling problem, not a niche PKI issue. SailPoint research also found that only 38% of organisations have automated certificate lifecycle management in place, and certificate expiry is the leading cause of outages for 45% of organisations. That makes renewal discipline a resilience issue as much as a security issue.

Practitioners should align certificate management with the revocation, ownership, and inventory controls described in NIST identity and access management guidance and with the operational realities documented in the Critical Gaps in Machine Identity Management report. Organisations typically treat certificate governance as a priority only after a widespread outage, at which point renewal failure, unknown ownership, and revocation gaps can no longer be deferred.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST SP 800-207 (Zero Trust Architecture) set the governance and control expectations practitioners need to meet.

Framework, control or reference, and relevance:

  • OWASP Non-Human Identity Top 10, NHI-02: covers leaked or mishandled machine identity secrets, including the private keys behind certificates, and the lifecycle weaknesses that turn them into exposure.
  • NIST CSF 2.0, PR.AA-01 (Identity Management, Authentication, and Access Control): identities and credentials for authorised users, services, and hardware are managed by the organisation; for workloads, certificate issuance, renewal, and revocation are that management.
  • NIST SP 800-207 (Zero Trust Architecture), Section 2.1, Tenets of Zero Trust: resource authentication and authorisation are dynamic and strictly enforced before access is allowed, so certificate validity and revocation status are re-evaluated on each access decision rather than trusted once at issuance.

Tie certificate issuance and validation to access policy and monitor trust decisions continuously.