Skip to main content

Linux agent silent mode preparation

Follow the below steps to prepare for silent mode installation of DigiCert​​®​​ agents on one or more Linux servers for use with CertCentral.

You can prepare the silent mode installation on any Linux system. It does not need to be one of the systems where you will install a DigiCert agent.

Before you begin

You need a CertCentral API key to authenticate agents for silent mode installation. To create an API key in CertCentral:

  1. Select Automation > API Keys from the left main menu.

  2. Select the Add API Key button and fill out the resulting form:

    • Description: Enter a user-friendly description for this API key.

    • User: Select an administrator user.

    • API key restrictions: Leave it set to "None".

  3. Select the Add API Key button to finish creating the key. Copy the key to a secure location. It only gets shown once.

注記

You can reuse the same API key to install Windows or Linux agents in silent mode. You can delete the API key after the agents are deployed.

Go

You need the latest version of Go to build the companion application for silent mode installation.

To download and install Go, refer to the official Go documentation.

注記

64-bit versions of Linux (CentOS 7 and above) require go1.18.5 or above.

DigiCert agent software

Download the Linux agent installer and silent mode tools from CertCentral:

  1. From the left main menu, select Automation > Manage automation.

  2. Select the Add automation button, then select Set up an agent.

  3. Select Yes for your server can be reached directly.

  4. Use the Download button to download the latest version of the DigiCert agent installer for Linux. It should have a name like adm_agent_N.N.N_linux64.zip, where "N.N.N" is the agent version number.

  5. Select the Do you want to install the agent silently on multiple servers? link. In the resulting pop-up window:

    1. Select the Companion application build code link to download the companion application package (Digicert-Agent-Deployment-Companion.zip).

    2. Select the Linux link to download the silent mode installer script for Linux (silentInstaller-by-companion-lnx.sh).

To build the companion application for silent mode installation of Linux agents:

  1. Unzip the companion application package you downloaded from CertCentral (Digicert-Agent-Deployment-Companion.zip).

  2. Navigate into the unzipped Digicert-Agent-Deployment-Companion directory.

  3. Run the following command as root to build the companion application, replacing the {DEVKEY} parameter with your API key:

    (set GOARCH=amd64) && (set GOOS=linux) && go build -o digicert-agent-deployment-companion -trimpath -ldflags="-s -w -X 'main.devkey={DEVKEY}'"

    For example:

    (set GOARCH=amd64) && (set GOOS=linux) && go build -o digicert-agent-deployment-companion -trimpath -ldflags="-s -w -X 'main.devkey=IWMDAWMDAWWHCNMJEWMTE5MJM1OTU5WJBXMQSWCQYDVQQGEWJVUZEXMBUGA1UECHMOVMVYAVNPZ24SIEL'"

The compiled companion application gets saved as digicert-agent-deployment-companion in the Digicert-Agent-Deployment-Companion directory.

To prepare the software distribution package for silent mode installation of Linux agents:

  1. Create a directory called DigiCertADMAgentGPOInstaller somewhere on the build system.

  2. Copy the following files into the DigiCertADMAgentGPOInstaller directory you created:

    • adm_agent_N.N.N_linux64.zip: The DigiCert agent installer you downloaded from CertCentral, where "N.N.N" is the agent version number.

    • silentInstaller-by-companion-lnx.sh: The silent mode installer script you downloaded from CertCentral.

    • digicert-agent-deployment-companion: The compiled companion application file you built in Step 2: Build the companion application.

  3. Make sure the silent mode installer script is executable. For example:

    chmod +x silentInstaller-by-companion-lnx.sh
  4. Create a .tar.gz file called DigiCertADMAgentGPOInstaller.tar.gz that contains the DigiCertADMAgentGPOInstaller directory you created and the three files you copied into it. For example:

    tar -czvf DigiCertTLMAgentGPOInstaller.tar.gz DigiCertTLMAgentGPOInstaller

What's next

After completing the Linux agent silent mode preparation, you are ready to install Linux agents in silent mode on your servers.