Trust Lifecycle Manager operates on a subscription licensing model, offering a range of licenses corresponding to different activities within your account. Understanding these licenses and their limits is essential for managing your accounts effectively.
License | Description | Consumption |
---|---|---|
User seats | A public or private trust certificate issued to a person, for use cases including authentication to a private network (VPN) or website, wireless access, or signing/encrypting emails. Any such certificate issued from a DigiCert-based CA tracks to a User seat. This includes private user certificates from DigiCert® CA Manager or public S/MIME certificates from CertCentral. User seats are the only type that allow multiple certificates per seat. A single User seat is consumed for each person to whom a certificate is issued. An unlimited number of unique certificates can be issued to that person, and up to 250 duplicate certificates can be issued for any of those unique certificates. |
You cannot exceed the allocated user seats unless your licenses are amended by Sales. |
Device seats | A private trust certificate issued by CA Manager to a physical device (such as a laptop, computer, or mobile device), typically for authentication or encryption. A Device seat is consumed for each physical device to which you issue a certificate. Each seat can only be used by that one device. |
You cannot exceed the allocated user seats unless your licenses are amended by Sales. |
Server seats | A private trust certificate issued by CA Manager to an organization’s internal servers (including web servers, proxy servers, load balancers, domain controllers, or wireless access points) for client or mutual authentication with users, devices, or other servers. Server seats support certificate lifecycle automation to help you enroll, update, and install certificates on your systems. |
You cannot exceed the allocated user seats unless your licenses are amended by Sales. |
Organization seats | A private trust certificate issued by CA Manager and used to create private external issuing CAs capable of issuing end-entity SSL certificates on-demand (typically used for TLS inspection) or used as a private code signing certificate. Both use cases require a specific certificate template in your account. Contact your DigiCert account representative with inquiries. |
You cannot exceed the allocated user seats unless your licenses are amended by Sales. |
Imported seats | A private trust certificate issued by an external CA that was uploaded into Trust Lifecycle Manager, and which also had its issuing CA imported into DigiCert® CA Manager. With Imported seats, you can monitor and manage existing certificates from external private CAs, including certificate validation and revocation. |
You cannot exceed the allocated user seats unless your licenses are amended by Sales. |
Discovery seats | A public or private trust certificate that was discovered and added to your account. With Discovery seats, you can monitor and set up custom expiration notifications for certificates from any issuing CA, regardless of whether the certificates were issued from your Trust Lifecycle Manager account. On systems with automation enabled and an available CA connector, discovered certificates can be placed under management with Trust Lifecycle Manager's automation tools, which swaps them out for Server or Certificate management seats. |
You can exceed the allocated discovery seats, but overages will be incurred. |
Certificate management seats | A public or private trust certificate issued by an external CA that was generated and/or is being managed in Trust Lifecycle Manager through a CA connector. With Certificate management seats, you can get new certificates or manage existing certificates from external issuing CAs for various end-entity types including users, devices, and servers. Certificate management seats also support certificate lifecycle automation. |
You cannot exceed the allocated user seats unless your licenses are amended by Sales. |