Skip to main content

Submit batch certificate request with CSRs

DigiCert​​®​​ IoT Trust Manager supports batch certificate requests—also known as batch jobs—as an efficient means to request and receive hundreds or thousands of certificates for a common enrollment profile. In a batch request, you specify the enrollment profile for the request parameters, upload your certificate field information in a CSV file, and DigiCert​​®​​ IoT Trust Manager generates your keypairs and certificates based on your uploaded certificate information. DigiCert ONE delivers your generated keys and certificates in a certificate package encrypted by a client authentication certificate provided with the batch request.

Batch certificate requests can also be made by providing certificate field information and having DigiCert ONE generate the keypairs. See Submit certificate batch request with DigiCert ONE-generated keys

  1. Generate your keypairs and CSRs in your environment and package the CSRs in a zip file.

  2. In DigiCert ONE, in the Manager menu (top right), select IoT Trust.

  3. In the IoT Trust Manager menu, select Certificates > Batch jobs.

  4. On the Batch jobs page, select Start batch certificate request.

  5. Enter a Nickname and Description for this request (optional).

  6. Select the Enrollment profile to use for the request.

  7. Select the Certificate download format for the generated certificates.

  8. Select the Certificate chain option for how you want the root and intermediate certificates to be packaged with the generated end entity certificates:

    • Include root and intermediate certificates only as separate files in the download package.

    • Also package intermediate certificates with each end entity certificate.

    • Also package root and intermediate certificates with each end entity certificate.

  9. Enter the email addresses for the users who can pick up and manage the generated end entity certificates.

    Tip

    Users without a DigiCert account can also pick up and manage the generated certificates. Additionally, a passcode can be applied to the certificate package for non-DigiCert ONE users.

  10. Add your CSR zip file.

  11. Select Start request.

  12. DigiCert​​®​​ IoT Trust Manager processes the batch request and generates the certificates.

  13. Users specified in the request get an email when the certificate package is ready for download.

    Note

    Users have 30 days to respond and approve the certificate package before the package expires and is removed from DigiCert ONE. An expired package cannot be recovered.

: