Install and activate a DigiCert agent
Install a DigiCert® agent on each server system where you want to discover and automate certificates using DigiCert® Trust Lifecycle Manager.
Avis
This page describes how to install a DigiCert agent on a single server. To deploy on multiple servers at once, see Install DigiCert agents in silent mode.
Before you begin
Make sure your system meets the system and network requirements for installing a DigiCert agent.
You need root or administrator permissions on the system to install an agent on it.
Install Windows agent
Follow these steps to install the Windows version of the DigiCert agent.
To download the Windows agent software and generate an activation key in Trust Lifecycle Manager:
From the Trust Lifecycle Manager main menu, select Discovery & automation tools > Client tools.
Select Agent - Windows installer.
Use the download button on the right to download the latest version of the DigiCert agent installer for Windows. It should have a name like tlm_agent_N.N.N_win64.zip, where "N.N.N" is the agent version number.
To get an activation code, select the Generate activation code button under Requirements. In the popup dialog that opens:
(Optional) Select a Business unit to assign the agent to. If you make a selection here, only users assigned as administrators for that business unit can manage the agent.
(Optional) Under Share the code, select a user to send the activation code to via email. For example, select an admin who will install the agent software.
Select the Generate the code button. Copy the code so you can use it to install the agent or provide it to the person who will perform the installation.
Avis
The activation code is valid for 30 minutes and is for one-time use only. If it expires, repeat the process to generate a new one.
To install and activate the agent software on a Windows server:
Unzip the installer you downloaded and run the DigiCert TLM Agent executable as an administrator.
Select the button to Install the agent. Follow the prompts to install the agent.
When prompted, select to confirm that I have the activation code.
When prompted, select how the agent will connect to Trust Lifecycle Manager:
Direct, no proxy: If the agent will connect directly.
My own proxy server: If connecting through a third-party proxy server. You are prompted to enter the proxy server details.
DigiCert sensor as proxy: If using a DigiCert sensor as a proxy. You are prompted to enter the sensor details.
On the activation screen, enter the Activation code you generated. Optionally, assign a custom name to the agent to help identify it in Trust Lifecycle Manager.
On the final screen, select whether to start the agent service now. The agent service needs to be running in order to discover and automate certificates on the host.
Install Linux agent
Follow these steps to install the Linux version of the DigiCert agent.
To download the Linux agent software and generate an activation key in Trust Lifecycle Manager:
From the Trust Lifecycle Manager main menu, select Discovery & automation tools > Client tools.
Select Agent - Linux installer.
Use the download button on the right to download the latest version of the DigiCert agent installer for Linux. It should have a name like tlm_agent_N.N.N_linux64.tar.gz, where "N.N.N" is the agent version number.
To get an activation code, select the Generate activation code button under Requirements. In the popup dialog that opens:
(Optional) Select a Business unit to assign the agent to. If you make a selection here, only users assigned as administrators for that business unit can manage the agent.
(Optional) Under Share the code, select a user to send the activation code to via email. For example, select an admin who will install the agent software.
Select the Generate the code button. Copy the code so you can use it to install the agent or provide it to the person who will perform the installation.
Avis
The activation code is valid for 30 minutes and is for one-time use only. If it expires, repeat the process to generate a new one.
Important
To avoid issues, DigiCert recommends installing the agent software in the /opt directory on Linux. Do not install the agent in the /tmp directory or in a user's home directory.
To install and activate the agent software on a Linux server:
Copy the installer archive you downloaded to the /opt directory or the directory where you want to install the DigiCert agent.
Unpack the installer archive (for example,
tar -xzvf <agent-file>.tar.gz). It creates an agent installation directory with a name like tlm_agent_N.N.N_linux64, where "N.N.N" is the agent version number.Change into the agent installation directory, and run start-tlm-agent.sh as root (for example,
sudo ./start-tlm-agent.sh). Follow the prompts to install and activate the agent.When prompted, enter the Activation code you generated.
When prompted, select how the agent will connect to Trust Lifecycle Manager:
Direct, no proxy: If the agent will connect directly.
My own proxy server: If connecting through a third-party proxy server. You are prompted to enter the proxy server details.
DigiCert sensor as proxy: If using a DigiCert sensor as a proxy. You are prompted to enter the sensor details.
(Optional) Assign a custom name to the agent to help identify it in Trust Lifecycle Manager.
Uninstall or reinstall an agent
To uninstall an existing DigiCert agent:
Windows: Use the Windows Apps control panel to uninstall the DigiCert agent software.
Linux: Stop the DigiCert agent service, then delete the directory where you installed the agent.
To reinstall the DigiCert agent on a host: First uninstall the existing agent as described above, then download and install a new agent.
What's next
View details about your active agents on the Discovery & automation tools > Agents page in Trust Lifecycle Manager.
Configure your agents to enable discovery scans and certificate lifecycle automation on the host systems.