Skip to main content

Create automation profiles for private AWS certificates

Before you begin

You need a connector that links DigiCert​​®​​ Trust Lifecycle Manager to the AWS Private CA account.

You need available Certificate management seats allocated to the business unit where certificates will be issued.

Create the certificate profile

  1. From the main menu, select Policies > Certificate profiles.

  2. Select the Create profile from template button at top.

  3. Select the AWS CA Private Server Certificate template as the basis for creating the profile.

  4. Fill in the Primary options for your new profile:

    • Profile name: Enter a friendly name for this profile.

    • Business unit: Select the business unit for certificates issued from this profile.

    • Connector: Select the DigiCert​​®​​ Trust Lifecycle Manager connector that links to AWS Private CA.

    • Enrollment method:

      • Select DigiCert agent to install certificates to web servers using DigiCert agents.

      • Select DigiCert sensor to install certificates to network appliances or cloud services using DigiCert sensors.

      • Select 3rd-party ACME client to request and install certificates using a third-party ACME client instead of DigiCert's managed automation tools.

  5. Select the Certificate options for certificates issued from this profile:

    • Certificate fields: Select the certificate validity period and signing algorithm.

    • Renewal options: Select whether auto-renewal should be enabled for certificates. If enabled, select whether to renew certificates 30 days before expiration or set up a custom schedule.

  6. Select any Extensions for certificates issued from this profile:

    • Key usage: Allowed security services for the certificate keys.

    • Extended key usage: How certificate public keys can be used.

  7. Select any Additional options for:

    • Email configuration and notifications: Email communications settings for certificate lifecycle event notifications.

    • LDAP search: Whether certificates should be searchable via LDAP.

    • Organization and contact details: Select an organization and enter any contact details specific to certificates issued from this profile.

    • Tags: Enter custom tags to apply to all certificates issued from this profile. Tags help identify the certificates for tracking and management purposes.

  8. When you are ready, select Create to save the new certificate automation profile.

In deze sectie: