Skip to main content

CertCentral integration

Publicly trusted code signing certificates must conform to strict CA/B forum guidelines and be validated by a a third party trusted certificate authority like DigiCert. Integrate your DigiCert​​®​​ Software Trust Manager account with CertCentral to order and manage publicly trusted certificates from your account.

Enable CertCentral integration

If your account is hosted by DigiCert, contact your account manager to enable CertCentral integration.

If your account is self-hosted, your system administrator can enable CertCentral by following the steps below:

  1. Sign in to DigiCert ONE as an account level system admin.

  2. Navigate to the Manager menu icon (top right corner) > Software Trust.

  3. In the left navigation bar, select Account > Account settings.

  4. Select the pencil icon next to System.

  5. Select Enable CertCentral integration.

  6. Select Update settings.

CertCentral integration

Software Trust Manager integrates with CertCentral to request publicly trusted code signing certificates from DigiCert, a publicly trusted Certificate Authority (CA).

Nota

To integrate with CertCentral, you will need to have a:

  1. Sign in to DigiCert ONE.

  2. Navigate to the Manager menu icon (top-right) > Software Trust.

  3. In the left navigation bar, select Integrations.

  4. Under Certificate authorities, click the CertCentral logo.

  5. Complete the following fields

    Field

    Description

    Where is your CertCentral account located?

    Select the radio button based on where your CertCentral is located:

    • CertCentral global

      https://certcentral.digicert

    • CertCentral Europe

      https://certcentral.digicert.eu/

    How would you like to connect your account?

    If you select Connect using my CertCentral API key, you will need to provide:

    If you select Connect using my CertCentral credentials, you will need to provide your:

    • CertCentral username

    • CertCentral password

  6. Click Add to integrate with CertCentral.

Sugerencia

You are ready to manage your publicly trusted code signing certificates.

Generate an API key in CertCentral

  1. Sign in to CertCentral.

  2. In the left-hand side navigation bar, select Automation.

  3. Navigate to: API Keys > Add API Key.

  4. Complete the following fields:

    Field

    Description

    Description

    Provide an identifiable name for your CertCentral API key.

    User

    Select a user you want to link the CertCentral API key to.

    Nota

    The user must have the Administrative role assigned to them in CertCentral.

    API key restrictions

    Select Orders, Domains, and Organizations.

  5. Select Add API Key.

Nota

The API key is only shown once, it cannot be accessed again. Securely store the API key to use it later.

Update certificate chain in CertCentral

This step is only necessary if you want your CertCentral code signing certificates to be issued from a specific root.

Aviso

Prerequisite

Contact your DigiCert account manager to change the default certificate chain for your CertCentral account or add additional chains.

To change the default Intermediate Certificate Authority (ICA):

  1. Sign in to CertCentral.

  2. In the left-hand side navigation bar, select Settings.

  3. Navigate to: Product Settings > Code Signing > Default intermediate chain.

  4. Select the ICA you want to use.

Create certificate profile for CertCentral

Follow these instructions to create a certificate profile. To use the certificate profile for CertCentral, you must select CertCentral (public trust) as the Profile type.

Create a keypair for CertCentral

Follow these instructions to create a keypair. To use the keypair for CertCentral, you must select HSM as the Storage.

Generate a certificate from CertCentral

Follow these instructions to generate a certificate. To generate a certificate from CertCentral, you must select a public trust certificate profile as the Certificate profile.

View CertCentral certificates

To view public certificate issued by CertCentral:

  1. Sign into DigiCert ONE.

  2. Navigate to: Manager menu (top-right) > Software Trust.

  3. In the left-hand side navigation bar, select Certificates > CertCentral Orders.

  4. Click on the order ID for more information

En esta sección: