Install and activate agents
Automating certificate requests on standard hosts, such as web servers, requires that the DigiCert® agent software be installed and running on each host.
Optionally, you can use a local DigiCert® sensor as proxy to add fault tolerance options to your host automations. You will be prompted about proxy options during the agent installation process.
Avis
This page describes the standard process of installing and activating a DigiCert agent on a single server.
You can also install DigiCert agents in "silent mode" to minimize the need for user intervention and deploy on multiple servers at once. To learn more, see Install DigiCert agents in silent mode.
Before you begin
Verify the system and network requirements for the agent. See Prérequis système et réseau.
You must have root or administrator permissions on the local system to install the agent.
Agent deployment workflow
Follow these steps to install a DigiCert agent and activate it for use.
An activation key is required to complete the installation process and start using an agent for certificate automation. Generate the activation key in DigiCert® Trust Lifecycle Manager before installing the agent:
From the main menu, select Discovery & automation tools > Agents.
Select the Generate activation code button at top.
Select a Business unit to assign the agent to for management purposes.
Select the Generate the code button.
Copy and save the 6-digit activation code somewhere so it can be input during the agent installation process.
Avis
The activation code is valid for 30 minutes and is for one-time use only. If it expires, follow the same process to generate a new one.
From the main menu, select Discovery & automation tools > Client tools.
Select the agent installer for your operating system.
For Windows, select Agent - Windows installer.
For Linux, select Agent - Linux installer.
From the installer pager, select the download icon on the right to download the installer.
Windows
Unzip the installer you downloaded and run the DigiCert TLM Agent executable as an administrator on the certificate host.
Select the button to Install the agent. Follow the prompts to install it.
When prompted, select to confirm that I have the activation code.
Select how the agent will connect to DigiCert® Trust Lifecycle Manager:
Direct, no proxy: If the agent will connect directly.
My own proxy server: If connecting through a third-party proxy server. You will be prompted to enter the proxy server details.
DigiCert sensor as proxy: If connecting through a DigiCert® sensor as proxy. You will be prompted to enter the sensor details.
On the activation screen, enter the Activation code. Optionally, assign a custom name to the agent.
On the final screen, select whether to start the agent service now. The agent service needs to be running before you can automate certificate lifecycle events on the host.
Linux
Untar the installer file you downloaded on the certificate host (for example,
tar -xzvf <agent-file>.tar.gz
).Change into the installation directory, and run start-tlm-agent.sh as root (for example,
sudo ./start-tlm-agent.sh
).Follow the prompts to install and activate the agent.
When prompted, enter the Activation code.
Select how the agent will connect to DigiCert® Trust Lifecycle Manager:
Direct, no proxy: If the agent will connect directly.
DigiCert sensor as proxy: If connecting through a DigiCert® sensor as proxy. You will be prompted to enter the sensor details.
My own proxy server: If connecting through a third-party proxy server. You will be prompted to enter the proxy server details.
Optionally, assign a custom name to the agent.
Uninstall or reinstall an agent
To uninstall an existing DigiCert agent:
Windows: Use the Windows Apps control panel to uninstall the DigiCert agent software.
Linux: Stop the DigiCert agent service, then delete the directory where you installed the agent.
To reinstall the DigiCert agent on a host: first uninstall the existing agent as described above and then download and install/activate a fresh agent for Windows or Linux.
What's next
Go to the Discovery & automation tools > Agents page in Trust Lifecycle Manager to view details for your installed agents and configure them to manage certificate lifecycle automation events on your servers.