Schedule an automation event

Before you begin

Applicable to Citrix NetScaler load balancers automation only. You cannot automate a certificate with an “IP unreachable” status. An “IP unreachable” status refers to non-addressable virtual servers where the PFX certificate is present.

To create an automation event

  1. Go to Automation > Automated IPs.

  2. Find the certificate you want to automate.

  3. Select the appropriate link in the action column.

    Request a certificate

    Request a certificate when there is no certificate configured to IP/Port.

    Switch to DigiCert

    Replace a certificate issued from a different Certificate Authority (CA) with a DigiCert certificate.


    • For non-Multi-year Plans: When a certificate expired or is about to expire in less than 90 days.
    • For Multi-year Plans: When an order or Multi-year Plan expired or is about to expire in less than 90 days.


    • For non-Multi-year Plans: When an active certificate is revoked or missing.
      Note: The certificate will be reissued with the remaining validity of the original certificate.
    • For Multi-year Plans: When a certificate issued from an active Multi-year Plan needs to be replaced.

    Get your next certificate

    Only for Multi-year Plans, when an active certificate for a Multi-year Plan is about to expire in less than 30 days.

    Note: You can reissue or get your next certificate at no cost each time it reaches the end of its validity period until the Multi-year Plan expires.

    Submit manual request

    When you want to request a certificate manually.

  4. Select or create an automation profile for this event.

    Note: For automation on Citrix NetScaler load balancers only. Make sure the organization associated with the profile has country, state, and locality (CSL) details. This is required to generate the CSR and automate the load balancer.

  5. (Optional) Select Issue a duplicate certificate using an existing order to request a duplicate of the certificate that is automated with an existing order.

  6. Enter the Common name and Subject Alternative Name (optional) you want to request the certificate for.

  7. If you are automating on Citrix NetScaler load balancers, requesting automation on HTTP port, and want to redirect the traffic after automation, enter the HTTPS redirect port of the HTTP instance for the virtual IP address.

    Note: During automation, we create an HTTPS virtual server with a new certificate. When successful, automation redirects the traffic to the HTTPS instance on the specified port.

  8. (Optional) If you are automating on F5 BIG-IP load balancers, select Private key security type to specify the storage of your private keys.

    • Normal: Store the private key in the F5 BIG-IP load balancer itself.
    • FIPS: Store the private key in the Federal Information Processing Standards (FIPS) enabled module of the F5 BIG-IP load balancer.
    • NetHSM: Store the private key in the Hardware Security Module (HSM) device connected to the F5 BIG-IP load balancer.
  9. Set the time for automation to begin—immediately or scheduled in advance.

  10. (Optional) Set the certificate to renew and install automatically near the end of its validity period.

  11. Read through the agreement and select I agree to the Certificate Services Agreement.

  12. Select Start automation or Schedule automation.