CertCentral automation agent technical reference

Refer to this technical documentation for advanced installation, configuration, and usage of the CertCentral automation agent. The CertCentral automation agent is the official DigiCert ACME client that is installed on your web server when automating a TLS/SSL certificate issued through CertCentral.

Technical reference for installation and configuration
DNS Providers Configuration Guide

Automation command example

A typical default CertCentral automation command for Linux and Apache is constructed like this:

curl https://automation-service.digicert.com/dc-acme/1.0.0/linux/install.sh | sudo bash -s -- request enroll \
--directory-url "https://one.digicert.com/mpki/api/v1/acme/v2/directory" \
--email "john.smith@mycompany.com" \
--eab-key "4f6QE0_IhSvoDS1KxJwf1hCFWLEw9KcyROu7AbbHOuA" \
--eab-hmac "YWIwY2I1YWY2MDY5NTZjM2ZmNTE5NzYxMjA3YmU3NjNhYmM2YmI0NjJmNTk3MzRhMTkzMjhkMTk0ZmE5OWI0YQ" \
--cn "mycompany.com" \
--key-type "RSA" \
--challenge-type "http-01" \
--challenge-handler-name "apache" \
--installer-handler-name "apache" \
--installer-handler-args "identifier=mycompany.com"

Automation command general operation

When you run the CertCentral automation command on your web server, the command performs these actions:

Checks if the DigicertAcmeClient service exists.
- If the automation service exists, the service is verified as running or started if not running. No additional download is required.
- If the automation service does not exist, the dc-acme.zip package is downloaded and then automatically extracted, installed, and started.
Runs the ACME operations defined in the automation command with specified and default options.
Automatically cleans up temporary files when all operations are complete.

What's next

Before you automate: prerequisites and limitations to confirm account, system, and network requirements before configuring advanced automation

En esta sección: