Set up sensor-based automation for network appliances

Install and configure a sensor for automating certificate requests on load balancers

Automating certificate requests on network appliances such as load balancers requires a CertCentral sensor, the same software used for discovery scans.

Before you begin

Set up a sensor automation

  1. In your CertCentral account, in the left main menu, go to Automation > Manage automation.

  2. On the Manage automation page, select Add automation.

  3. On the Set up automation page, under the load balancers section, select Set up a sensor.

  4. On the Set up automation for load balancers page, select one of the following options:

    • I already have a sensor installed that can reach the target load balancers
      Use this option if you have a sensor running that can reach the target load balancers. Follow the configuration instructions to activate agentless automation on the sensor.
      Note: This supports SNI configuration only on F5 BIG-IP and AWS load balancers.
    • I don't have a sensor installed or need to install a new one
      Use this option if you do not already have a sensor installed or need to install once to reach the target load balancers. See the sensor installation steps for details.
      Once you install and activate the sensor, follow the configuration instructions to activate agentless automation on the sensor.

  5. Go back to Automation > Manage automation.

  6. On the Manage automation page , select the name of the agentless automation you just configured.

  7. Review and make sure the host details are correct.

  8. F5 BIG-IP load balancers: Select Private key security type to specify the storage of your private keys.

    • Normal: Store the private key in the F5 BIG-IP load balancer itself.
    • FIPS: Store the private key in the Federal Information Processing Standards (FIPS) enabled module of the F5 BIG-IP load balancer.
    • NetHSM: Store the private key in the Hardware Security Module (HSM) device connected to the F5 BIG-IP load balancer.

  9. Automating DV certificate installations: When automating a DV certificate, select DNS integration or provider for the validation of the DNS challenge to prove the ownership of the domains.

    The list includes all the integrations added to the sensor.

    Important: DNS integrations or providers in the list marked Critical had issues in the past while setting the DNS challenge. They may fail again. We recommend you select another integration or provider for successful validation.

  10. Select Save.

Related topics:

About

DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.

©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.