Skip to main content

Automation actions

Listed below are certificate lifecycle events that you can schedule and manage via the CertCentral automation service. In all events, the automation service handles not only the initial request, but also downloads and installs the resulting TLS certificates.

  • Enroll new certificates

    The automation service generates the initial Certificate Signing Request (CSR) and then downloads and installs the new certificates as soon as they're available.

  • Reissue existing certificates

    Reissues can be requested for individual certificates or in bulk. The reissued certificates get automatically installed when ready.

  • Renew certificates

    Certificates can be configured to auto-renew or else can be renewed at any time. New certificates are installed seamlessly to avoid service disruptions.

  • Replace certificates

    Existing third-party certificates can be automatically replaced with new certificates from DigiCert to enhance system uniformity and security.

  • Request duplicate certificates

    Duplicate certificates can be automatically installed onto redundant systems for extra security. The duplicate certificates are downloaded and installed immediately.


As a security precaution, certificate revocations cannot be entirely automated. However, CertCentral allows you to quickly access the order pages for your automated certificates in case you need to revoke any of them. See Revoke an issued TLS/SSL certificate.