Google Trust Services

Overview

QCecuring integrates with Google Trust Services (GTS) to automate the issuance of publicly trusted certificates from Google’s certificate authority. Organizations can leverage GTS as an alternative or complement to other public CAs while maintaining centralized lifecycle governance.

Key capabilities

• ACME-based certificate issuance from Google Trust Services with automated domain validation.
• Support for RSA and ECDSA certificates issued by Google’s publicly trusted CA hierarchy.
• Centralized management of GTS certificates alongside other CA-issued certificates.
• Automated renewal workflows ensuring continuous certificate validity.
• Policy enforcement determining which domains and services use Google Trust Services.

Typical use cases

• Organizations standardizing on Google Cloud infrastructure wanting Google-issued public certificates.
• Teams seeking CA diversity by adding Google Trust Services alongside existing CA relationships.
• Enterprises using Google Domains with automated DNS validation for GTS certificate issuance.

High-level integration flow

1. Register an ACME account with Google Trust Services and configure it in QCecuring.
2. Define policies specifying which domains and environments should use GTS for certificate issuance.
3. QCecuring’s ACME client handles domain validation and certificate requests to GTS.
4. Issued certificates are deployed to target infrastructure and tracked in centralized inventory.
5. Automated renewal and monitoring ensure certificates remain valid with alerting on any issues.