Note
This feature is available from version 1.2.2.
Users can manually or automatically recover certificates issued and escrowed in the DigiCert cloud.
DigiCert® Trust Assistant runs a recovery check to see if any certificates can be recovered for the signed-in user. If it finds a recoverable certificate then the user is alerted via a notification alert with a link to initiate the manual recovery process.
There are two ways to trigger manual recovery:
From the Certificate profiles pane, go to the Issued certificates pane (use Certificate profiles > Issued certificates > Quick actions > Key recovery) and select the token to recover the certificate if multiple tokens are available.
From Notifications — You will be notified when DigiCert Trust Assistant finds a recoverable certificate.
In the Notifications window, a key recovery success or failure message is shown.
If there is a runnable post-processing script, the option to run the script is shown in the success pane. Select Run scripts to open the script runner dialog.
If there are any public or private escrowed certificates (valid, expired, or revoked) on DigiCert Cloud that are linked to profiles with the auto-recovery feature, the auto key recovery process is automatically triggered upon successful sign-in. All matching certificates issued by the logged-in user will be recovered without any user action.
A notification is sent about successful recovery or failure. The post-processing script associated with this profile will be triggered after successful recovery. In case of failed key recovery or post-processing script, a re-attempt can be triggered from the Notifications panel.
Note
If the profile is configured with the DigiCert Software KeyStore (DSKS), the DSKS must be initialized and the DSKS provider/token must be registered.
PIN or password requirement: See PIN or password requirement. During key recovery operation, a PIN or password may be required to save the recovered certificates to the target keystore (if protected).