Issue certificate from DigiCert® Trust Lifecycle Manager using DigiCert Trust Assistant
There are multiple ways to issue certificates using DigiCert® Trust Assistant. It can vary depending on the authentication method you select during the profile creation (see Create certificate profile). The following methods are supported:
Enrollment code - Issue using enrollment code generated by the administrator. Refer to Issue certificate using enrollment code.
Manual approval - Issuance requires approval by the administrator. Refer to Issue certificate using manual approval.
SAML IdP - Issuance requires authentication through your organization’s Single Sign-On. Refer to Issue certificate using SAML IdP.
DigiCert ONE login - Sign in to DigiCert® Trust Assistant to start issuing certificates. Refer to Signing in. You can use the following methods:
Issue certificate using enrollment code
Access the enrollment URL that you received in your email and open it using any of the supported browsers on your machine. Wait for the page to load completely.
In the Verify and submit enrollment page, enter the details and select Submit.
In case the token is PIN-protected, enter the token PIN in the pop-up dialog box and select Submit. Every wrong PIN entered here consumes a PIN retry attempt counter. Try to avoid repetitive wrong attempts.
Install the certificate to the token by selecting Install Certificate.
After the certificate is successfully installed, DigiCert® Trust Assistant executes the post-processing scripts (only if configured by your administrator) as part of post-certificate installation tasks. You will see the post-certificate installation section soon after the certificate is installed on your computer.
For example, DigiCert® Trust Assistant might configure MS Outlook's security profile to use the target certificate for signing and encryption.
Issue certificate using manual approval
For manual approval, select the enrollment URL from the Enrollment URL field. This is a fixed URL that is auto-generated for the specific profile.
In the Enrollment request page, enter the enrollment details and select Submit.
Wait for the admin approval email.
After you receive the email, select the certificate pickup URL sent in the email.
Select Install certificate to install your certificate on your browser keystore.
In the case of PIN protection, you will be prompted to enter the PIN or password if the target keystore is protected.
Issue certificate using the SAML IdP
Access the enrollment URL on any of the supported browsers on your machine and wait for the page to load completely.
Authenticate using SAML IdP.
Enter the enrollment details (if any) and submit it.
In the case of PIN protection, you will be prompted to enter the PIN or password if the target keystore is protected.
After the successful PIN confirmation, install the certificate.
Opmerking
In case of hardware tokens, for the enrollment code, manual approval, and SAML IdP authentication methods, all the tokens that are inserted and supported on the computer are listed on the enrollment details page. In the enrollment verification page, you can choose and select tokens if multiple tokens are inserted.
Renew certificates from DigiCert® Trust Lifecycle Manager using DigiCert Trust Assistant
Based on the renewal setting configured in your certificate profile, proceed and renew your certificate. Make sure that the renewal request is sent from the same computer where the certificate to be renewed is installed, or else the request will fail.
When the certificate installation is complete, you can verify the certificate details in the corresponding KeyStore.