Skip to main content

Create a service user authentication certificate

  1. In DigiCert ONE, in the Manager menu (top right), select Account.

  2. In the Account Manager menu, select Access > Service User.

  3. On the Service users page, in the Friendly name column, select the service user's friendly name.

  4. On the Service user details page, in the Authentication certificates section, select Create authentication certificates.

  5. On the Generate authentication certificate page, provide the following information:

    1. Nickname

      This name is the display name on the Service user details page in the Authentication certificates section. The name must be unique and only include letters, numbers, spaces, dashes, and underscores.

    2. End date

      Enter the certificate expiration date. You cannot select an expiration date that is later than the service user's expiration date.

      If the service user end date does not fit your use case, update or remove the service user end date first. Then come back and generate the authentication certificate.

      Makes sure to note when the authentication certificate expires. You must generate a new certificate and update all API integrations using the certificate before it expires. If you don't, the service user integrations will stop working.

    3. Encryption

      Select an encryption algorithm to use for securing communications. DigiCert recommends AES (Advanced Encryption Standard), which is the default selection.

    4. Signature hash algorithm

      Select a hash function to use for verifying data integrity. DigiCert recommends SHA-256, which is the default selection.

  6. When ready, select Generate certificate.

    After you generate the authentication certificate, you cannot change the end date. To get a new end date, you must generate a new authentication certificate.

  7. In the Generate authentication certificate popup window, copy the certificate's password that protects the certificate and save it in a secure location. You will need to use it later when installing the certificate or using it in your certificate request.

    For example, if using a web API client, such as postman, you must include the location where your certificate is hosted and the certificate's password.

    The certificate's password is only displayed only once. You cannot access it after you select Download certificate. If you ever lose the password, you'll need to generate a new authentication certificate.

  8. After you save the authentication certificate's password, select Download certificate.

    You cannot download the certificate again. If you don't download the certificate or lose it, you'll need to generate a new authentication certificate.

  9. Save the authentication certificate to your computer.

  10. When ready, select Close.

What's next

You can now use the service user authentication certificate in your request to authenticate to the DigiCert ONE APIs.

In this section: