CertCentral 統合
Publicly trusted code signing certificates must conform to strict CA/B forum guidelines and be validated by a a third party trusted certificate authority like DigiCert. Integrate your DigiCert® Software Trust Manager account with CertCentral to order and manage publicly trusted certificates from your account.
CertCentral 統合を有効にする
If your account is hosted by DigiCert, contact your account manager to enable CertCentral integration.
If your account is self-hosted, your system administrator can enable CertCentral by following the steps below:
アカウントレベルのシステム管理者として、DigiCert ONEポータルにログインします。
右上のメニューアイコンに移動します。
左側のナビゲーションバーから、アカウントを選択します。
アカウント設定を選択し、[システム] の横にある鉛筆を選択します。
CertCentral 統合を有効にするを選択します。
設定の保存するを選択します。
CertCentral integration
Software Trust Manager integrates with CertCentral to request publicly trusted code signing certificates from DigiCert, a publicly trusted Certificate Authority (CA).
注記
To integrate with CertCentral, you will need to have a:
Software Trust Manager lead role or
Manage CertCentral API key
permissionCertCentral global or CertCentral Europe account
Sign in to DigiCert ONE.
Navigate to the Manager menu icon (top-right) > Software Trust.
In the left navigation bar, select Integrations.
Under Certificate authorities, click the CertCentral logo.
Complete the following fields
Field
Description
Where is your CertCentral account located?
Select the radio button based on where your CertCentral is located:
CertCentral global
https://certcentral.digicert
CertCentral Europe
https://certcentral.digicert.eu/
How would you like to connect your account?
If you select Connect using my CertCentral API key, you will need to provide:
An identifiable name for your CertCentral API alias
If you select Connect using my CertCentral credentials, you will need to provide your:
CertCentral username
CertCentral password
Click Add to integrate with CertCentral.
ヒント
You are ready to manage your publicly trusted code signing certificates.
CertCentralでAPIキー生成する
Sign in to CertCentral.
自動化 > API鍵を選択します。
APIキーの追加をクリックします。
新しい鍵の説明を追加します。
Field
Description
Description
Provide an identifiable name for your CertCentral API key.
User
Select a user you want to link the CertCentral API key to.
注記
The user must have the Administrative role assigned to them in CertCentral.
API key restrictions
Select Orders, Domains, and Organizations.
APIキーの追加をクリックします。
注記
再度取得することはできませんので、このAPIキーは保存してください。
Update certificate chain in CertCentral
This step is only necessary if you want your CertCentral code signing certificates to be issued from a specific root.
注記
Prerequisite
Contact your DigiCert account manager to change the default certificate chain for your CertCentral account or add additional chains.
To change the default Intermediate Certificate Authority (ICA):
Sign in to CertCentral.
In the left-hand side navigation bar, select Settings.
Navigate to: Product Settings > Code Signing > Default intermediate chain.
Select the ICA you want to use.
Create certificate profile for CertCentral
Follow these instructions to create a certificate profile. To use the certificate profile for CertCentral, you must select CertCentral (public trust) as the Profile type.
Create a keypair for CertCentral
Follow these instructions to create a keypair. To use the keypair for CertCentral, you must select HSM as the Storage.
Generate a certificate from CertCentral
Follow these instructions to generate a certificate. To generate a certificate from CertCentral, you must select a public trust certificate profile as the Certificate profile.
View CertCentral certificates
To view public certificate issued by CertCentral:
Sign into DigiCert ONE.
Navigate to: Manager menu (top-right) > Software Trust.
In the left-hand side navigation bar, select Certificates > CertCentral Orders.
Click on the order ID for more information