Create certificate profiles
You create certificate profiles in DigiCert® ONE Trust Lifecycle Manager to define the types of certificates that can be requested from ServiceNow.
DigiCert provides base templates to help you create certificate profiles. Select Policies > Base templates from the Trust Lifecycle Manager main menu to see the complete list of templates assigned to your account.
Make sure to create your certificate profiles from one of the ServiceNow-enabled base templates listed below. Contact your DigiCert system administrator or account representative if you need help verifying prerequisites or creating certificate profiles in DigiCert ONE.
ServiceNow-enabled base templates
For the ServiceNow integration, create your certificate profiles in DigiCert ONE from one of the following base templates. Configure the profile to use one of the supported combinations of enrollment/authentication methods shown in the table.
To get certificates from issuing CAs outside of DigiCert® Private CA, you need a connector set up in DigiCert ONE.
Template name | Trust type | Seat type | Issuing CA | Enrollment / Authentication methods |
---|---|---|---|---|
| Private | CA Manager |
| |
| Private | CA Manager |
| |
| Private | CertCentral |
| |
| Public | CertCentral |
| |
| Private | Microsoft |
| |
| Private | Microsoft |
| |
| Public | CertCentral |
| |
| Public | CertCentral |
|
Automate approval for certificate renewals
For certificate profiles configured with the Manual Approval
authentication method, certificate requests must be approved in the ServiceNow app by a user with the x_dice_digicertone.business_owner role. By default, this applies to both new enrollments and certificate renewals.
To override this behavior and allow renewal of existing certificates without manual approval, configure your certificate profile as follows:
In the profile configuration wizard in DigiCert ONE, navigate to the Certificate options screen.
In the Renewal options section, select the checkbox to enable Automated approval for renewal requests.
Importante
For certificate profiles configured with this option, the initial enrollment request still requires manual approval in ServiceNow. Thereafter, renewal requests for the same certificate are processed without the need for additional approvals.