Skip to main content

CA certificates

Use the Account > Root CAs function to upload the certificates for your own root and intermediate certificate authorities (CAs) into DigiCert​​®​​ Trust Lifecycle Manager. This helps analyze and manage the end-entity certificates issued from these CAs to:

  • Evaluate certificate security and chain information more accurately.

  • Categorize and manage end-entity certificates by the issuing CA.

  • Create unique certificate lifecycle notifications per issuing CA.

  • Verify trusted CAs for EST client authentication.

Aviso

Any root and intermediate CA certificates that you add are account-scoped to the Trust Lifecycle Manager account where you uploaded them.

Private versus public CAs

Private CA certificates become active as soon as you upload them.

Public CA certificates are initially set to inactive, pending DigiCert review. Contact Support with questions or for help expediting the approval process.

Add a CA certificate

To upload one of your root or intermediate CA certificates into Trust Lifecycle Manager:

  1. From the Trust Lifecycle Manager main menu, select Account > Root CAs.

  2. Select Add CA certificate.

  3. Select the applicable Trust type for this CA certificate (private or public).

  4. Drag and drop the CA certificate file into the Upload certificate area, or click to select the file from your computer.

  5. Select Add to upload the CA certificate.

Importante

The certificate file you upload must be encoded in PEM or DER format and have a file extension of .cer or .der. The maximum file size is 5 MB.

View uploaded CA certificates

The Account > Root CAs page lists all the existing root and intermediate CA certificates you have uploaded into Trust Lifecycle Manager.

Select any CA certificate by name to see the complete details for it.

Manage your CA certificates

From the list of CA certificates on the Account > Root CAs page you can:

  • Use the download icon to download the certificate file for any of your existing CAs.

  • Use the Delete action to remove any CA certificate from Trust Lifecycle Manager, or select multiple CA certificates to delete in bulk.

Aviso

Deleting a CA certificate may result in reduced management functionalities and/or less accurate analysis of any end-entity certificates issued from that CA.