Install DigiCert Private CA

Before installing a self-hosted DigiCert® Private CA:

Make sure your environments are configured properly.
Make sure you have received a unique license key from your DigiCert account manager or other DigiCert representative

To install:

Add a helm repository for your self-hosted private CA.
```
helm repo add your-repo-name https://repo.pkiplatform.digicert.com/chartrepo/dcone
helm repo update
```
Important
Replace your-repo-name with your own descriptive name for your helm repository.
Generate a random string for the crypto master secret. For example, on Linux command line:
```
head -c 32 /dev/urandom | base64
```

Create a standalone-values.yaml file in the root directory with this content:

database:
  host: mariadb-mariadb.digicert-ca
  username: root 

#Your license key provided by DigiCert
license:

#Your host name
host:

Create the database for your self-hosted private CA.
```
mysql CREATE DATABASE digicert_ca;
```

Deploy your self-hosted private CA.

Important

Replace all instances of your-repo-name with the name you assigned in step 1.

Create the Kubernetes namespace:
```
kubectl create namespace your-repo-name
```

Add the database password secret and the crypto master secret generated in step 2:

kubectl create secret -n your-repo-name generic digicert-ca-secrets \
      --from-literal=databasePassword=<your databasePassword> \
      --from-literal=cryptoMasterSecret=<your cryptoMasterSecret>

Install the DigiCert® Private CA application:

helm upgrade --install ca your-repo-name/certificate-authority-standalone --values standalone-values.yaml --namespace your-repo-name

Installation complete! DigiCert® Private CA is ready for operation at https://<your domain>/.

In this section:

Install DigiCert Private CA

Important

Important

Search results