
Recovery of imported certificates

From DigiCert® Trust Assistant version 1.2.7, DigiCert ONE logged-in users can recover certificates imported from external systems. The supported platform is DigiCert PKI Platform 8. For more configuration details, see the DigiCert PKI Platform 8 connector guide.

Imported certificate recovery criteria

The following criteria must be met for a user to recover an imported certificate:

  • The user must be logged in to DigiCert Trust Assistant through DigiCert ONE. Refer to DigiCert ONE login profile for more details.

  • The administrator must configure DigiCert® Trust Lifecycle Manager to enable recovery of imported certificates through DigiCert Trust Assistant. For more configuration details, see the DigiCert PKI Platform 8 connector guide.

  • The imported certificate’s SubjectDN:email or the first SAN:rfc822Name field must match the user's username or email.

  • The imported certificate must also have the private key imported to DigiCert ONE.
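The identity-matching criterion above can be pre-checked before import. The following is an added example, not DigiCert code: it assumes the Python `cryptography` package, uses hypothetical function names, and assumes a case-insensitive comparison, which the page does not specify. The sample certificate is constructed for the demonstration.

```python
import datetime
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID


def candidate_identities(cert):
    """Return the SubjectDN email values plus only the FIRST SAN rfc822Name."""
    ids = [a.value for a in cert.subject.get_attributes_for_oid(NameOID.EMAIL_ADDRESS)]
    try:
        san = cert.extensions.get_extension_for_class(x509.SubjectAlternativeName).value
        rfc822 = san.get_values_for_type(x509.RFC822Name)
        ids.extend(rfc822[:1])  # later rfc822Name entries are not considered
    except x509.ExtensionNotFound:
        pass  # certificate has no SAN extension; only the SubjectDN email can match
    return ids


def matches_user(cert, username, email):
    """Assumption: comparison is case-insensitive; the page does not specify this."""
    wanted = {v.lower() for v in (username, email) if v}
    return any(i.lower() in wanted for i in candidate_identities(cert))


def make_sample_cert(subject_email, san_emails):
    """Build a constructed, self-signed test certificate (sample input only)."""
    key = ec.generate_private_key(ec.SECP256R1())
    attrs = [x509.NameAttribute(NameOID.COMMON_NAME, "Constructed Sample")]
    if subject_email:
        attrs.append(x509.NameAttribute(NameOID.EMAIL_ADDRESS, subject_email))
    name = x509.Name(attrs)
    now = datetime.datetime(2024, 1, 1)
    builder = (x509.CertificateBuilder().subject_name(name).issuer_name(name)
               .public_key(key.public_key()).serial_number(x509.random_serial_number())
               .not_valid_before(now).not_valid_after(now + datetime.timedelta(days=30)))
    if san_emails:
        builder = builder.add_extension(
            x509.SubjectAlternativeName([x509.RFC822Name(e) for e in san_emails]),
            critical=False)
    return builder.sign(key, hashes.SHA256())


if __name__ == "__main__":
    cert = make_sample_cert(None, ["alice@example.com", "alias@example.com"])
    print(matches_user(cert, "alice", "alice@example.com"))  # first SAN entry is used
    print(matches_user(cert, "alias", "alias@example.com"))  # second SAN entry is ignored
```

This check covers only the name-matching criterion; whether the private key was imported to DigiCert ONE cannot be determined from the certificate itself.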

Recover the imported certificate

DigiCert ONE–logged-in users can either manually recover the certificate or automatically recover it upon sign-in, depending on the configuration. Certificate recovery for imported certificates works the same way as for certificates issued by DigiCert ONE Trust Lifecycle Manager, including triggering post-processing scripts after a successful recovery. For more information, see Key recovery options for DigiCert Trust Assistant.

Restrictions on imported certificates

Imported certificates are more restricted than certificates issued by DigiCert ONE Trust Lifecycle Manager, because only certificate recovery is supported:

  • You cannot renew the certificate.

  • You cannot issue a new certificate from the profile shown in the Certificate profiles pane.