Skip to main content

Automation service overview

CertCentral automation is a suite of tools designed to simplify certificate lifecycle management, from initial CSR generation to installation and ongoing renewals. These tools can help to reduce TLS administration overhead, enhance security, and mitigate the risk of business disruptions due to human error.

With automation enabled, you can use CertCentral to view and act upon all of your existing TLS certificates, plus you can enroll and install new certificates. You make selections from graphical menus and let the automation service do the work for you, performing the required tasks and coordinating between your systems and the DigiCert Cloud.

As allowed certificate lifetimes continue to shorten, the automation service provides an efficient means to keep all your systems in order and respond quickly as new security incidents come to light.

Key features

CertCentral automation is designed to be flexible and scalable. It supports a variety of common TLS deployment scenarios and can be customized for integration with existing platforms.

With it you can:

  • Manage certificates individually or in bulk.

  • Manage certificates for both standard hosts and network appliances.

Further, it:

  • Is highly configurable, with detailed usage reporting.

  • Uses industry standard ACME automation protocol.

  • Uses the same client software as CertCentral Discovery.

  • Is a lightweight client software that updates itself.

  • Uses a pull communications model, which does not require firewall changes.

  • Provides API calls for custom integrations.

Supported systems and devices

Out of the box, the managed automation service supports TLS certificate management for the following:

  • Operating systems: Linux and Windows

  • Web servers: Microsoft IIS, Apache HTTP Server, Apache Tomcat, Nginx, IBM HTTP Server

  • Load balancers: F5 BIG-IP LTM, Citrix ADC, A10

  • Load balancer as a service: Amazon Web Services (ALB, NLB, and CloudFront)

In addition, you can configure the automation tools to work with third-party ACME clients, such as EFF certbot and Kubernetes cert-manager.

Finally, you can use the DigiCert API library to integrate certificate automation actions into existing applications.

Start using automation

To get started with automation, the service must first be enabled for your account. Contact your sales representative to learn more.

With the automation service enabled, you will perform some initial configuration tasks, and then you can start using CertCentral to manage all of your certificate lifecycles from one centralized location.