Current State of Certificate Management Survey

All questions in this survey are optional. Answers are recorded by clicking the 'Thank You' button at the bottom. Summary results will be shared publicly on the smallstep blog.

Question Title

* 1. What are your plans for using certificates for:

	No plans	Thinking about it	2024 project for us	Currently using
Laptops and devices	Laptops and devices No plans	Laptops and devices Thinking about it	Laptops and devices 2024 project for us	Laptops and devices Currently using
Code signing	Code signing No plans	Code signing Thinking about it	Code signing 2024 project for us	Code signing Currently using
Non-web servers (database etc)	Non-web servers (database etc) No plans	Non-web servers (database etc) Thinking about it	Non-web servers (database etc) 2024 project for us	Non-web servers (database etc) Currently using
Mutual TLS	Mutual TLS No plans	Mutual TLS Thinking about it	Mutual TLS 2024 project for us	Mutual TLS Currently using
Site-to-site VPN	Site-to-site VPN No plans	Site-to-site VPN Thinking about it	Site-to-site VPN 2024 project for us	Site-to-site VPN Currently using
Corporate network VPN	Corporate network VPN No plans	Corporate network VPN Thinking about it	Corporate network VPN 2024 project for us	Corporate network VPN Currently using
Document signing	Document signing No plans	Document signing Thinking about it	Document signing 2024 project for us	Document signing Currently using
OpenSSH	OpenSSH No plans	OpenSSH Thinking about it	OpenSSH 2024 project for us	OpenSSH Currently using
Service mesh	Service mesh No plans	Service mesh Thinking about it	Service mesh 2024 project for us	Service mesh Currently using
IoT or connected devices	IoT or connected devices No plans	IoT or connected devices Thinking about it	IoT or connected devices 2024 project for us	IoT or connected devices Currently using

What else?

Question Title

* 2. How do you secure connections between your internal services?

I don't, all my services are on one platform

We use VPN/tunnel to secure connections

We use mTLS to secure connections

With insecure connections

Don't know

Can't say

Other (please specify)

Question Title

* 3. Do you have an internal PKI? eg. service mesh, internal TLS or mutual TLS

Yes

Don't know

Can't say

Yes, but I have to say

Question Title

* 4. How do you get certificates to internal things now?

EST - Enrollment over Secure Transport

SCEP - Simple Certificate Enrollment Protocol

ACME - Automatic Certificate Management Environment

Let's Encrypt

Custom vendor API/UI

Manually

Something else (please specify)

Question Title

* 5. In the next twelve months, are you starting a project using certificates around:

Issuing certs to Linux servers

Issuing certs to laptops

Issuing certs to services

Issuing certs to humans

Issuing certs to IoT devices

Service Mesh

SSH Certificates

Something else (please specify)

Question Title

* 6. Do you use any of these certificate management tools?

	Yes	No, but considering it	No, not an option	Never heard of it
EJBCA	EJBCA Yes	EJBCA No, but considering it	EJBCA No, not an option	EJBCA Never heard of it
CFSSL	CFSSL Yes	CFSSL No, but considering it	CFSSL No, not an option	CFSSL Never heard of it
Smallstep (step & step-ca)	Smallstep (step & step-ca) Yes	Smallstep (step & step-ca) No, but considering it	Smallstep (step & step-ca) No, not an option	Smallstep (step & step-ca) Never heard of it
Active Directory (ADCS)	Active Directory (ADCS) Yes	Active Directory (ADCS) No, but considering it	Active Directory (ADCS) No, not an option	Active Directory (ADCS) Never heard of it
OpenSSL	OpenSSL Yes	OpenSSL No, but considering it	OpenSSL No, not an option	OpenSSL Never heard of it
HashiCorp Vault	HashiCorp Vault Yes	HashiCorp Vault No, but considering it	HashiCorp Vault No, not an option	HashiCorp Vault Never heard of it
Netflix Lemur	Netflix Lemur Yes	Netflix Lemur No, but considering it	Netflix Lemur No, not an option	Netflix Lemur Never heard of it
Google Trillian	Google Trillian Yes	Google Trillian No, but considering it	Google Trillian No, not an option	Google Trillian Never heard of it
AWS ACM private CA	AWS ACM private CA Yes	AWS ACM private CA No, but considering it	AWS ACM private CA No, not an option	AWS ACM private CA Never heard of it
GCP CAS	GCP CAS Yes	GCP CAS No, but considering it	GCP CAS No, not an option	GCP CAS Never heard of it

Other (please specify)

Question Title

* 7. Where are you hitting the most challenges around internal PKI?

Question Title

* 8. About Me

	Hobbyist	Small Company (<100)	Medium Company (100 to 1000)	Large company (>1000)
Developer	Developer Hobbyist	Developer Small Company (<100)	Developer Medium Company (100 to 1000)	Developer Large company (>1000)
Operator	Operator Hobbyist	Operator Small Company (<100)	Operator Medium Company (100 to 1000)	Operator Large company (>1000)
Security Professional	Security Professional Hobbyist	Security Professional Small Company (<100)	Security Professional Medium Company (100 to 1000)	Security Professional Large company (>1000)
PKI Nerd	PKI Nerd Hobbyist	PKI Nerd Small Company (<100)	PKI Nerd Medium Company (100 to 1000)	PKI Nerd Large company (>1000)

Question Title

* 9. Complete if you would like to speak with our Product team about your company use case

Full Name

Company

Email Address

Question Title

* 10. Can we add you to the smallstep mailing list?

Yes (please provide email)