Skip to main content

Manage an existing certificate deployment

Follow these steps to manage an existing certificate deployment on one of your systems.

Available lifecycle management actions depend on the current certificate status and may include options to renew, reissue, request a duplicate certificate, get your next certificate for multi-year orders, or switch to another certificate authority (CA).

Notice

You can renew, reissue, or switch CAs for multiple certificates at once. To learn more, see Bulk manage multiple certificate deployments.

Submit the certificate automation request

To request automated lifecycle management of an existing certificate:

  1. From the Trust Lifecycle Manager main menu, select Inventory.

  2. Use the View inventory functions to display the certificate you want to manage.

  3. Hover the Common name for the certificate you want to manage and select one of the available automation actions on the right. Available actions depend on the current certificate deployment status and may include:

    • Request: Issue and deploy a duplicate certificate.

    • Renew: Issue and deploy the same certificate with new validity dates.

    • Reissue: Issue and deploy a new certificate from the same CA with the same validity dates. Use this action to deploy a fresh certificate after making changes to one of your certificate profiles, or to get the next certificate in a CertCentral multi-year plan.

    • Switch: Issue and deploy a new certificate from a different CA.

    Notice

    Automation actions may display as either icons or selections in the actions (three dots) menu to the right of the certificate common name. For actions presented as icons, hover the icon to see the associated action.

  4. Fill out the Automation request form:

    • Profile: Select the certificate automation profile for the certificate to issue. When renewing or reissuing a certificate with an active profile in Trust Lifecycle Manager, the associated certificate profile gets pre-selected here.

    • Certificate information: Verify the common name and any subject alternative names (SANs) for the certificate.

    • Additional order options: (Optional) If present, use this field to enter comments and information about the order. This information does not get added to the actual certificate.

    • Schedule certificate automation: Select whether to run the lifecycle management action now or schedule it for a later date and time.

    • Auto-renew: (Optional) Select any auto-renewal options for the certificate. These options will apply to this certificate only and override any auto-renew options configured in the certificate profile.

    • Scripts: (Optional, for web servers only) Select from available pre- or post-installation scripts to run on a one-time basis for this automation event. These override any similar scripts in the agent configuration. To learn more, see Agent scripts.

    • Tags: (Optional) Apply one or more tags to the issued certificate to help identify it in Trust Lifecycle Manager for management and tracking purposes.

    • Select the checkbox at bottom to acknowledge acceptance of the Certificate Services Agreement.

  5. Select Submit to finalize the certificate automation request.

What's next

Trust Lifecycle Manager runs the certificate lifecycle automation job now or at the time you schedule in each request. You can check status of automation requests at any time from the Inventory view.