Skip to main content

DigiCert PKI Platform 8

Link DigiCert​​®​​ Trust Lifecycle Manager to your PKI Platform 8 account to import and manage certificates from certificate authorities (CAs) in DigiCert PKI Platform 8.

Before you begin

  • You need your PKI Platform 8 account API key.

  • To import certificates from PKI Platform 8, you need the PKI8 Connector - import attributes feature enabled for your account.

Add PKI Platform 8 connector

  1. From the Trust Lifecycle Manager main menu, select Integrations > Connectors.

  2. Select the Add connector button.

  3. In the Certificate authorities section, select the tile for DigiCert PKI Platform 8.

    Complete the form as described in the following steps.

  4. Assign a user-friendly Name to the connector to help identify it.

  5. In the API key field, enter your PKI Platform 8 account API key.

    Important

    You must enter a valid API key before you can configure import options for the connector. As soon as you enter the API key, Trust Lifecycle Manager attempts to establish the link to your PKI Platform 8 account:

    • If there is an issue establishing the link, you get prompted to enter valid account details.

    • If the API key is accepted but imports are still disabled, the PKI8 Connector - import attributes feature is not enabled for your account. Contact your platform administrator to enable it.

  6. Import attributes: Select options for importing certificates from PKI Platform 8 into your Trust Lifecycle Manager account to be monitored and managed there.

    • Import certificates from this connector: Select whether to import certificates or not. If importing, select options for how and what to import.

    • Map PKI Platform 8 accounts to business units: Select options for how to map imported certificates from different PKI Platform 8 accounts/sub-accounts to business units in Trust Lifecycle Manager.

      • Select accounts to map: Choose this option to map your PKI Platform 8 accounts one at a time. After mapping an account, select the Add mapping link to map another one.

      • Map all available accounts: Choose this option to list all available PKI Platform 8 accounts. For each account, select the business unit to assign the certificates to in Trust Lifecycle Manager.

    • Import all certificates from accounts: For PKI Platform 8 accounts/sub-accounts selected here, certificates from all profiles will be imported. This is the default behavior. If you would rather select specific certificate profiles to import from, deselect the corresponding account and then use the next field to select individual profiles.

    • Import certificates from specific profiles: Use this dropdown to select individual profiles to import certificates from in PKI Platform 8. To select individual profiles here, the corresponding account/sub-account must not be enabled for 'import all' above.

    • Import certificates: Select the certificate types (X.509 and/or PKCS12) and status (valid, expired, revoked/suspended) to import from PKI Platform 8. For expired certificates, you must also select an expiration date range to import, up to a maximum of 7 years past expiration.

    • Tags (optional): Assign tags to the imported certificates to help filter and manage them in Trust Lifecycle Manager.

  7. Select Add to create the PKI Platform 8 connector with the configured settings.

What's next

After adding the connector

  • Certificate imports run asynchronously. Refresh the connector details page to track the total number of successful imports from PKI Platform 8.

  • On the connector details page, select the certificate counts under Assets found on this connector to load those certificates into your Inventory where you can view and manage them.

  • Certificates imported from PKI Platform 8 are bound to Imported seats. Any certificates already bound to User seats in Trust Lifecycle Manager will remain as such and will not consume additional seats.

  • Certificates that expire or get revoked in PKI Platform 8 get their status automatically synced back to Trust Lifecycle Manager.

Manage imported certificates

Trust Lifecycle Manager admins in the applicable business units can perform the following management actions for certificates imported from PKI Platform 8.

Action

Requirements

Recover escrowed (PKCS12) certificates

  • Manager or Recovery manager user role for Trust Lifecycle Manager or equivalent permissions.

  • Recovery works for both public and private certificates.

Revoke or Suspend/Resume certificates

  • Manager or User and certificate manager user role for Trust Lifecycle Manager or equivalent permissions.

  • The associated PKI Platform 8 connector and account must be active at the time the action is performed.

  • Revocation works for both public and private certificates. Suspend/Resume only works for private certificates.

En esta sección: