The SharkTrust Service

Automatic SSL Certificate Management for Devices

Real Time Logic's SharkTrust™ service is an automatic Public Key Infrastructure (PKI) solution for products containing an Embedded Web Server.

By using the SharkTrust™ service, you eliminate the technical hassle of setting up an SSL Certificate for a private network for the users of your product, streamlining their experience with your product, and making them feel effortlessly safe and secure. For your company, this means less time and resources spent on support explaining difficult and lengthy technical processes to your users. By implementing SharkTrust™ service in your product, even users without any knowledge of Public Key Infrastructure (PKI) will find it simple and easy to securely access all their devices.

Is the following what your customers see when they first start using your embedded web interface?

Browser SSL Warning

Why you need SharkTrust™

When you create a product containing an Embedded Web Server, you are faced with the problem of ensuring that your users can securely communicate with your device from any web browser.

Some device manufacturers avoid the problem altogether by simply offering an HTTP connection, but that comes with a growing set of disadvantages. For one thing, many companies mandate security even on a private network, especially when critical and sensitive information passes across it, and failing to provide HTTPS might make them hesitant to use your product. Also, many browsers are now flagging all HTTP connections as insecure, which means that not only would your users be confronted with an uncomfortable message warning them of an insecure connection when they attempt to connect with their devices, but many browser features which rely on HTTPS, such as password managers, will not work. This has the potential to damage the user experience of your product, and for this reason many device manufacturers are moving to HTTPS.

Self-signed certificate is not an option

Products featuring a self-signed SSL still face problems with modern browsers, which do not trust these certificates, triggering a warning of an insecure connection to users of your product. Although these warnings can be bypassed, doing so makes the connection essentially an HTTP connection, which limits certain browser features that rely on HTTPS, resulting in a negative impact on the experience of your users when communicating with their devices.

Purchasing a certificate is not an option

Purchasing a certificate from a Certificate Authority (CA) is a way for your users to have a secure HTTPS connection when communicating with their devices. However, CAs do not issue certificates for private networks, and this means your users must implement a Public Key Infrastructure (PKI) solution to get one. Existing PKI solutions typically require that users go through a lengthy, technically-challenging setup process, which makes using your product securely much more difficult for them. PKI tutorials are typically targeted at engineers, and your users may find them difficult to understand and follow. Additionally, you may find yourself spending valuable resources supporting customers with this process, causing headaches both for you and your customers.

Benefits of SharkTrust™

With SharkTrust™, you do not have to worry about ensuring safe and secure communication with your product from any browser, and neither do your users. By connecting to an online web interface, users can access information about all the devices on their network, and connecting to a device securely is as simple as clicking on it.

The SharkTrust™ service works with any embedded web server and TLS product, enabling you to integrate our automatic DNS and certificate management solution as a go-to option for customers requiring a configuration-less PKI solution for their private network.

SharkTrust's root certificate (CA certificate) is directly trusted by all major browsers and operating systems, including Microsoft, Google, Apple, Mozilla, Oracle and Blackberry. This means that no matter what device or browser is being used to connect with your product's Embedded Web Server, your users will never experience uncomfortable warning screens about unsecure connections.

  • Automatically resolve DNS for private networks and manage certificates for your device
  • No need for a manually-configured static IP address for your device - it can simply connect to a company's private network and use a dynamic IP
  • Eliminate the usual hassle of setting up a PKI infrastructure - your device automatically connects to the SharkTrust™ network, registers a dynamic IP, and downloads the required SSL certificate

The following video provides a quick overview of the core features in the SharkTrust service:


  • The SharkTrust service is designed for devices installed within an Intranet solution and for devices with private IP addresses.
  • The devices must have Internet access and must be able to connect to and communicate with the online SharkTrust service.
  • The SharkTrust service requires code in the device that complies with the SharkTrust Binary Protocol Specification.
  • The SharkTrust service uses the Let's Encrypt Certificate Authority, and all certificates are signed using Let's Encrypt.

Note: SharkTrust should be used in a device as an option in addition to existing PKI infrastructure. A device should be designed such that a user may also set up his own PKI, for example, by using our Certificate Management Tool.

More Information

For more information on how you as a device manufacturer can take advantage of our hassle free PKI solution and service, fill out the form below or send us an email.

Request Detailed SharkTrust Information

Your information: