Client Overview
The organisation is a regional logistics and freight forwarding company operating across four GCC countries, managing road, air, and sea freight for commercial customers. The company runs a shipment tracking platform, a customer portal, and a set of API integrations connecting it with port authorities, customs systems, and major airline cargo booking platforms. These integrations are operationally critical — any disruption affects the company's ability to track or move freight on behalf of customers.
The Challenge
The company's IT infrastructure had grown rapidly over three years as it expanded into new countries and added carrier integrations. Each new integration had brought its own certificate, and the IT team was tracking renewals informally across a shared calendar. The situation came to a head when a certificate on the customs API integration for one country expired on a Friday evening, causing the company's shipment release process to fail over a weekend. By the time the issue was identified and resolved the following Monday morning, around 40 shipments had been held up, affecting multiple customers. An internal review found that five other integration certificates were due for renewal within 60 days. The incident was discussed at a board operations review, with the IT manager directed to implement a formal certificate management process.
“Forty shipments held over a weekend because of an expired certificate on a customs API. That's the kind of operational failure that damages customer relationships — and it was entirely preventable.”
— Head of Technology and Operations
The Solution
eMudhra deployed CertiNext to provide visibility and automated lifecycle management across the company's full certificate estate. A discovery scan identified 95 certificates across the shipment tracking platform, customer portal, and all carrier and government API integrations. The five near-expiry integration certificates were flagged immediately and renewed within the first week. CertiNext was configured to treat carrier and customs integration certificates as high priority, with renewal workflows triggered at 90 days and notifications sent to both the IT manager and the operations director responsible for each integration. A private CA was set up for internal system certificates used within the company's own network. The CertiNext dashboard was configured to show a colour-coded view of integration certificate health that the operations director could check ahead of busy freight periods.
Results
All five at-risk certificates were renewed within the first week. In the 12 months following deployment, the company recorded no certificate-related freight or integration disruptions. The board operations review in the following quarter noted the CertiNext deployment as a resolved operational risk item.
Metric | Before | After |
Integration certificates under governance | 95; informal calendar tracking | All 95 in CertiNext with automated renewal |
Freight disruptions from cert expiry | 40 shipments held; customer complaints | Zero freight disruptions in 12 months |
Near-expiry certs at deployment | 5 integration certs within 60 days | All renewed within first week |
Integration certificate lead time | Reactive; no advance process | 90-day renewal trigger for critical integrations |
Board operational risk status | Cert management raised as open risk | Resolved at next quarterly board review |
