Skip to main content

Create certificate profiles

You create certificate profiles in DigiCert® ONE Trust Lifecycle Manager to define the types of certificates that can be requested from ServiceNow.

DigiCert provides base templates to help you create certificate profiles. Select Policies > Base templates from the Trust Lifecycle Manager main menu to see the complete list of templates assigned to your account.

Make sure to create your certificate profiles from one of the ServiceNow-enabled base templates listed below. Contact your DigiCert system administrator or account representative if you need help verifying prerequisites or creating certificate profiles in DigiCert ONE.

ServiceNow-enabled base templates

For the ServiceNow integration, create your certificate profiles in DigiCert ONE from one of the following base templates. Configure the profile to use one of the supported combinations of enrollment/authentication methods shown in the table.

To get certificates from issuing CAs outside of DigiCert® Private CA, you need a connector set up in DigiCert ONE.

Template name

Trust type

Seat type

Issuing CA

Enrollment / Authentication methods

Generic Private Server Certificate

Private

Server

CA Manager

  • CSR / Manual Approval

Generic User Certificate

Private

User

CA Manager

  • CSR / Manual Approval

  • DigiCert Trust Assistant / Manual Approval

CertCentral Private Server Certificate

Private

Certificate management

CertCentral

  • CSR / Manual approval

CertCentral Public Server Certificate

Public

Certificate management

CertCentral

  • CSR / Manual Approval

Microsoft CA Private Server Certificate

Private

Certificate management

Microsoft

  • CSR / Manual Approval

Microsoft CA User Certificate

Private

Certificate management

Microsoft

  • Browser PKCS12 / Manual Approval

  • CSR / Manual Approval

  • DigiCert Trust Assistant / Manual Approval

Public Client Authentication (via CertCentral)

Public

User

CertCentral

  • CSR / Manual Approval

  • DigiCert Trust Assistant / Manual Approval

Public S/MIME Secure Email (via CertCentral)

Public

User

CertCentral

  • CSR / Manual Approval

  • DigiCert Trust Assistant / Manual Approval

Automate approval for certificate renewals

For certificate profiles configured with the Manual Approval authentication method, certificate requests must be approved in the ServiceNow app by a user with the x_dice_digicertone.business_owner role. By default, this applies to both new enrollments and certificate renewals.

To override this behavior and allow renewal of existing certificates without manual approval, configure your certificate profile as follows:

  1. In the profile configuration wizard in DigiCert ONE, navigate to the Certificate options screen.

  2. In the Renewal options section, select the checkbox to enable Automated approval for renewal requests.

Importante

For certificate profiles configured with this option, the initial enrollment request still requires manual approval in ServiceNow. Thereafter, renewal requests for the same certificate are processed without the need for additional approvals.