Skip to main content

Create a device group

Review the following before creating a device group:

  • Division: Confirm that a division is created in DigiCert® Device Trust Manager. Each device group must be assigned to a specific division.

  • Certificate management policy: Verify that there is an existing certificate management policy configured to support device registration and management.

  • Permissions: Make sure you have the Solution Administrator role, as it is required to create and manage device groups.

  1. Sign in to DigiCert® ONE as a Solution Administrator.

  2. In DigiCert ONE, in the Manager menu (grid at top right), select Device Trust.

  3. In the Device Trust Manager menu, select Device management > Device groups.

  4. Select Create device group.

  5. On the Settings step:

    1. Enter a Device group name that reflects the organizational structure or purpose.

    2. Select the Division for the device group.

    3. Optionally, add Labels to assist in searching and organizing device groups. These tags display in the device groups table.

    4. Select up to three Inventory attributes that uniquely identify the devices in the group. For example, MAC address, Serial number, and CPU ID.

    5. Optionally, add any Desired Attributes for metadata that will be applied across all devices in the group. For example, a key of EnvKey with a value of Production.

  6. On the Certificate management policy assignment step:

    1. Select Assign certificate management policy to open the Assign Certificate Management Policy pane.

    2. Select a Policy usage:

      • Bootstrap: defines how to issue and manage an initial/birth certificate.

      • Operational (optional): This policy type issues and manages short-lived x.509 certificates for device-service communication. certificates have a short lifespan, can be revoked, and are obtained using a bootstrap credential.

    3. Enter the Name of the policy assignment.

    4. From the Assign Certificate management policy dropdown, choose a certificate management policy.

    5. Expand Device field mapping and map the inventory attributes (selected in the previous step) to certificate fields.

    6. Optionally, choose an Authentication policy to assign to the device group.

    7. Select Assign certificate management policy.

      ヒント

      You can assign multiple certificate management policies to a device group, such as both a bootstrap and an operational policy. To do so, repeat the steps to add another policy after completing the initial assignment.

    8. Select Create device group to create.

このセクションの内容: