# Which encryption key management platforms automate certificate lifecycle and key rotation scheduling?

<p class="elv-tracking-normal elv-text-default elv-font-figtree elv-text-base elv-leading-base elv-font-normal" elv="true">We're researching which <a class="a a--md" elv="true" href="https://www.g2.com/categories/encryption-key-management">encryption key management platforms</a> eliminate manual certificate renewal and key rotation scheduling, specifically tools where automation is built into the architecture rather than bolted on.</p><ol>
<li>
<a class="a a--md" elv="true" href="https://www.g2.com/products/akeyless-identity-security-platform/reviews"><strong>Akeyless Identity Security Platform</strong></a>: Automates PKI, SSH, and service account certificate rotation and renewal end-to-end, and has a TTL-based dynamic model that eliminates scheduled rotation for short-lived credentials.</li>
<li>
<a class="a a--md" elv="true" href="https://www.g2.com/products/doppler-secrets-management-platform/reviews"><strong>Doppler Secrets Management Platform</strong></a>: Automates secret rotation across environments with TTL-governed dynamic secrets that self-delete on expiry.</li>
<li>
<a class="a a--md" elv="true" href="https://www.g2.com/products/aws-key-management-service/reviews"><strong>AWS Key Management Service (KMS)</strong></a>: Automates key rotation with a non-disruptive model where old keys remain accessible, and new keys activate without configuration or service disruption.</li>
<li>
<a class="a a--md" elv="true" href="https://www.g2.com/products/ibm-vault-formerly-hashicorp-vault/reviews"><strong>IBM Vault (formerly HashiCorp Vault)</strong></a>: Eliminates rotation scheduling architecturally through dynamic secrets with automatic TTL expiry. Credentials generated on demand expire automatically, making scheduled rotation structurally unnecessary for teams that adopt the model fully.</li>
<li>
<a class="a a--md" elv="true" href="https://www.g2.com/products/keyfactor-command/reviews"><strong>Keyfactor Command</strong></a>: Automates the complete certificate lifecycle as its primary function; the only purpose-built CLM tool for teams where PKI certificate management is the core operational requirement.</li>
</ol><p class="elv-tracking-normal elv-text-default elv-font-figtree elv-text-base elv-leading-base elv-font-normal" elv="true">Has a missed certificate renewal or key rotation ever made it into a production incident or post-mortem, and what drove you toward or away from automated rotation after that?</p>

##### Post Metadata
- Posted at: about 1 month ago
- Author title: Marketing Executive
- Net upvotes: 1


## Comments
### Comment 1

&lt;p&gt;Also, for teams that have adopted the dynamic secrets model fully, do you still keep any scheduled rotation in place as a fallback or has it replaced that entirely?&lt;/p&gt;

##### Comment Metadata
- Posted at: about 1 month ago
- Author title: Marketing Executive





## Related discussions
- [How well does Trello scale into a larger team?](https://www.g2.com/discussions/1-how-well-does-trello-scale-into-a-larger-team)
  - Posted at: about 13 years ago
  - Comments: 6
- [Can we please add a new section](https://www.g2.com/discussions/2-can-we-please-add-a-new-section)
  - Posted at: about 13 years ago
  - Comments: 0
- [Quantifiable benefits from implementing your CRM](https://www.g2.com/discussions/quantifiable-benefits-from-implementing-your-crm)
  - Posted at: about 13 years ago
  - Comments: 4


