Start with Identity
PKI / Certificate Lifecycle

AppViewX

Founded 2008Seattle, Washington, USAPrivate (Haveli Investments)Score 4.1/5Evaluated 2026-06-19Website ↗

Capability scores

Methodology →
Authentication
3.0
SSO & Federation
2.0
Authorization
3.0
Lifecycle & Provisioning
4.5
MFA & Passwordless
2.0
Governance & Audit
4.0
Developer Experience
4.0
Deployment Flexibility
4.5
Pricing Transparency
3.0
Support & Ecosystem
3.5

Scored 0–5 against a published rubric. Independent analysis, no vendor sponsorship.

Overview

AppViewX (founded 2008, now owned by Haveli Investments) is a CA-agnostic certificate lifecycle management and machine identity platform built around its CERT+ product. It does not run a public certificate authority of its own. Instead it sits above the CAs you already use, discovering, issuing, renewing, and revoking certificates across hybrid infrastructure from a single control plane. Its position in the PKI and certificate lifecycle category is as an orchestration layer for enterprises drowning in certificates spread across networks, load balancers, and Kubernetes.

What it is good at

The strength is automation breadth across a heterogeneous estate. CERT+ integrates with public CAs (DigiCert, Sectigo, and others), private PKI, and cloud-native issuers, then applies policy-driven workflows for enrollment, renewal, and revocation. Network-wide discovery surfaces unknown and expiring certificates before they cause outages, and integrations push certificates to F5, NetScaler, and similar endpoints. Strong governance and audit controls, crypto-agility tooling, and both SaaS and self-hosted deployment make it a fit for regulated, complex environments.

Where it falls short

AppViewX manages certificates but does not issue public trust, so you still need a CA underneath it. That two-vendor reality adds cost and contract overhead for teams that only want one throat to choke. The platform is enterprise-grade and priced and scoped accordingly, which makes it heavy for small certificate counts. Setup and tuning of discovery and workflows take real effort.

Pricing

Enterprise subscription, quote-based, typically scaled by certificate volume and modules. No public list pricing. Model it against your real certificate count and renewal cadence with the TCO calculator.

Best for, and who should look elsewhere

Choose AppViewX when you manage certificates across many CAs and infrastructure types and want one policy-driven automation layer. If you want the CA itself, look at DigiCert or Sectigo; if you are a cloud-native engineering team wanting lightweight private PKI, Smallstep fits better. Direct competitor Keyfactor covers similar ground.

Bottom line

A strong CA-agnostic orchestration platform for automating certificate lifecycle across sprawling hybrid estates, best for enterprises with real scale.

More PKI / Certificate Lifecycle vendors

All PKI / Certificate Lifecycle

By SWI Community Team · Last evaluated 2026-06-19

Independent, community-driven analysis. No vendor sponsorship. Compiled from public research and community input and verified on a best-effort basis, so details may be incomplete or out of date. Scores are opinions, not advice. Trademarks belong to their owners; mention does not imply affiliation or endorsement. See the full disclaimer, or send corrections to community@startwithidentity.com.