Skip to main content

Part 3: Set up device management

Establishing device groups and registering devices in DigiCert® Device Trust Manager allows you to effectively organize, manage, and secure device fleets. This section walks you through creating device groups to organize devices and registering a single device or if needed many devices.

Hinweis

Device management is available in the Advanced plan or higher. See Licensing and plans.

Objectives

  • Create a device group to organize devices based on criteria such as location or function.

  • Register devices in Device Trust Manager to enable management, monitoring, and updates.

Before you begin

Step 1: Create a device group

Device groups allow you to organize devices based on criteria such as deployment needs or functional requirements. Every device must belong to a device group to support certificate policies, updates, and structured management.

  1. Sign in to DigiCert® ONE as a Solution Administrator or Device Creator.

  2. In DigiCert ONE, in the Manager menu (grid at top right), select Device Trust.

  3. In the Device Trust Manager menu, select Device management > Device groups.

  4. Select Create device group.

  5. On the Settings step:

    1. Enter a Device group name that reflects the organizational structure or purpose.

    2. Select the Division for the device group.

    3. Optionally, notify the users for device registration. The notified users receive an email with a link.

    4. Optionally, add Labels to assist in searching and organizing device groups.

    5. Select up to three Inventory attributes that uniquely identify the devices in the group. For example, MAC address, Serial number, and CPU ID.

    6. Optionally, add any Desired Attributes for metadata that will be applied across all devices in the group. For example, a key of EnvKey with a value of Production.

    7. Click Next.

  6. On the Certificate management policy assignment section:

    1. Click Assign certificate management policy to open the Assign Certificate Management Policy pane.

    2. Under Policy usage, select Bootstrap.

    3. Enter the Name of the policy assignment.

    4. From the Assign Certificate management policy dropdown, choose the certificate management policy created in Part 2: Configure Device Trust Manager.

    5. Expand Device field mapping and map the inventory attributes (selected in the previous step) to certificate fields.

    6. Optionally, choose an Authentication policy to assign to the device group.

    7. Click Assign certificate management policy.

    8. Click Create device group to create.

Step 2: Register a single device

Registering a device in Device Trust Manager enables secure management and monitoring throughout the lifecycle of the device. By creating a device record, you can apply policies, deploy updates, and track device status.

Hinweis

  • Advanced plan: Devices must be registered to enable platform management.

  • Essentials plan: Device registration is not required; only device certificates are issued, and no device record is created.

  1. In the Device Trust Manager menu, select Device management.

  2. Click Register devices > Register single device.

  3. On the Device information step:

    1. Enter a Device name and, optionally, a description.

    2. Choose which Device group the registered device will be assigned to.

    3. Click Next.

  4. On the Certificate management policies section:

    1. Expand the Bootstrap certificate management policy for the device.

    2. From the Select Bootstrap Certificate management policy dropdown menu, choose the certificate management policy created in Part 2: Configure Device Trust Manager.

    3. Select Who generates the keypairs and if required, upload the necessary files.

    4. Under Certificate variables:

      1. Enter the Common name for the certificate.

      2. Modify additional fields as needed.

    5. Click Register device. If you selected DigiCert ONE to generate the keypairs, download the device’s private key and save it securely.

    Wichtig

    Do not select an Operational certificate management policy at this stage as operational certificates are managed through TrustEdge agent.

The registered device appears in the registered devices table with a Device state of Registered and a Connection status of Disconnected.

Tipp

For bulk device registrations,use the batch registration to register multiple devices at once by uploading a .CSV file.

Review your progress

After completing these steps, your Device Trust Manager setup should include:

  • Organized device groups for structured management.

  • Registered devices to prepare for management and updates.

What’s next?

Continue to Part 4: Connect a Linux device to manage the device with Device Trust Manager.

In diesem Abschnitt: