Skip to main content

Install a new certificate on an unsecured IP/port

Follow these steps to enroll and install a new certificate onto an unsecured IP/port endpoint on one of your web servers, network appliances, or cloud services.

Before you begin

Submit the certificate automation request

To request certificate issuance and installation on an unsecured IP/port target on one of your systems:

  1. From the Trust Lifecycle Manager main menu, select Inventory.

  2. Use the View inventory functions to display the unsecured IP/port endpoint where you want to install the certificate. You can use the Unsecured system view, or one of your saved custom views.

  3. Hover the Common name column for the endpoint where you want to install the certificate, open the actions (three dots) menu on the right, and select Request certificate.

    Importante

    The IP/port target you select must have an automation status of Configured. If not, check the configuration of the associated DigiCert agent (for web servers) or connector (for network appliances and cloud services).

  4. Fill out the Automation request form:

    • Choose profile: Select one of the available certificate automation profiles for the type of certificate you want to issue.

    • Certificate information: Add the common name and any additional order options for the certificate.

      Aviso

      For agent-based automation on Apache, Nginx, or Tomcat web servers, the common name must match an existing site in the web server configuration otherwise the certificate will get issued but the install will fail.

    • Schedule certificate automation: Select whether to run the lifecycle management action now or schedule it for a later date and time.

    • Auto-renew: (Optional) Select any auto-renewal options for the certificate. These options will apply to this certificate only and override any auto-renew options configured in the certificate profile.

    • Scripts: (Optional, for web servers only) Select from available pre- or post-installation scripts to run on a one-time basis for this automation event. These override any similar scripts in the agent configuration. To learn more, see Agent scripts.

    • Tags: (Optional) Apply one or more tags to the issued certificate to help identify it in Trust Lifecycle Manager for management and tracking purposes.

    • Select the checkbox at bottom to acknowledge acceptance of the Certificate Services Agreement.

  5. Select Submit to finalize the certificate automation request.

What's next

Trust Lifecycle Manager runs the certificate lifecycle automation job now or at the time you schedule in each request. You can check status of automation requests at any time from the Inventory view.