Skip to main content

Install and activate an ACME automation agent

Automating certificate requests on standard hosts, such as web servers, requires that the DigiCert ACME agent be installed and running on each host.

Optionally, you can use a DigiCert sensor as proxy to add fault tolerance options to your host automations. You will be prompted about proxy options during the agent installation process.

Notice

You can install the DigiCert agent software on multiple servers at once in "silent mode". To download the required tools and an instruction guide from the CertCentral Automation menu, select Manage automation > Add automation > Set up an agent > Yes, my server can be reached directly. From there, select the link to "install the agent silently on multiple servers" to download the silent mode guide, companion application, and deployment code for Windows or Linux. The guide can also be downloaded here.

Before you begin

  • Verify your operating system and web server are supported for automation. See Get started with managed automation.

  • Verify the system and network requirements for the agent. See System and network requirements.System and network requirements

  • You must have root or administrator permissions on the local system to install the agent.

  • You must have CertCentral admin or manager account credentials to activate the agent.

Download the ACME agent software

Start by downloading the agent installer package.

To download the agent directly:

To download the agent via CertCentral:

  1. In your CertCentral account, in the left main menu, go to Automation > Manage automation.

  2. Select the Add automation button at top.

  3. Select the Set up an agent option.

  4. Select Yes or No based on how your host will connect to the CertCentral cloud:

    • Yes: If your host will connect to the Internet directly or via a third-party proxy, or via a DigiCert sensor that is already set up. You will proceed directly to the agent download page from here.

    • No: If your host will connect via a DigiCert sensor as proxy, but the sensor is not set up yet. You will be prompted to set up the sensor before proceeding. Return to step 1 when done.

  5. Finally, select Download to download either the Windows or Linux version of the ACME automation agent.

Notice

To learn more about using a third-party proxy or DigiCert sensor as proxy, see Use a proxy or sensor with host automations.

Windows: Install and activate the ACME agent

After downloading the Windows version of the ACME automation agent, follow these steps to install and activate it:

  1. Unzip and run the DigiCert ADM Agent executable as an administrator on the certificate host.

  2. Follow the prompts to install the agent. After the agent is installed, the setup wizard immediately starts activation.

  3. Select how the agent will connect to the CertCentral cloud:

    • Direct, no proxy: If the agent will connect directly.

    • My own proxy server: If connecting through a third-party proxy server. You will be prompted to enter the proxy server details.

    • DigiCert sensor as proxy: If connecting through a DigiCert sensor as proxy. You will be prompted to enter the sensor details.

  4. Sign in with your CertCentral admin or manager account credentials to activate this agent.

  5. Select the division that owns or manages this host system. Note: All certificates issued through this agent will be associated with this division.

  6. Assign a custom, easily identifiable name to this agent (optional).

Linux: Install and activate the ACME agent

After downloading the Linux version of the ACME automation agent, follow these steps to install and activate it:

  1. Untar the installer file on the certificate host (for example, tar -xzvf <agent-file>.tar.gz).

  2. Change into the installation directory, and run start-adm-agent.sh as root (for example, sudo ./start-adm-agent.sh).

  3. Follow the prompts to install and activate the agent.

  4. Sign in with your CertCentral admin or manager account credentials to activate this agent.

  5. Select how the agent will connect to the CertCentral cloud:

    • Direct, no proxy: If the agent will connect directly.

    • DigiCert sensor as proxy: If connecting through a DigiCert sensor as proxy. You will be prompted to enter the sensor details.

    • My own proxy server: If connecting through a third-party proxy server. You will be prompted to enter the proxy server details.

  6. Select the division that owns or manages this host system. Note: All certificates issued through this agent will be associated with this division.

  7. Assign a custom, easily identifiable name to this agent (optional).

Uninstall or reinstall an agent

To uninstall an existing DigiCert ACME agent:

  • Windows: Use the Windows Apps control panel to uninstall the DigiCert agent software.

  • Linux: Stop the DigiCert agent service, then delete the directory where you installed the agent.

To reinstall the DigiCert ACME agent on a host: first uninstall the existing agent as described above and then download and install/activate a fresh agent for Windows or Linux.

What's next?