Skip to main content

Configure custom email notifications for certificate expiration

Follow these steps to send custom email notifications when imported third-party certificates expire.

Warning

To send email notifications, the imported certificates must contain an email address in either the SAN (RFC822Name) or SubjectDN (Email) field. A warning is added to the audit logs for any certificates that are missing an email address in one of these fields.

Before you begin

Import the certificates into DigiCert​​®​​ Trust Lifecycle Manager with the tag_name parameter set. For details, see Import certificates via REST API.

Configure a custom notification

To configure a custom email notification for a batch of imported certificates with a particular tag_name:

  1. In the Trust Lifecycle Manager menu, go to Policies > Notifications.

  2. Find the default notification named Uploaded certificate expiring. To help find it, filter by Category name Expiring certificates.

  3. For the Uploaded certificate expiring notification, select the copy icon in the leftmost column to clone it.

  4. Fill out the form to configure the custom notification:

    • Notification name: Assign a friendly name to this notification.

    • Additional criteria: Select Tags in the first dropdown. Select an operator in the second dropdown and specify the certificate tags you want to target with this notification, as set in the tag_name parameter when uploading the certificates.

    • Notice windows: Select when notifications should be sent out relative to certificate expiration.

    • Recipients: Select the email recipients.

    • Email template: Keep the default email content or customize as needed.

  5. Select Save to finish adding the new email notification.

In this section: