Skip to main content

系統和網路需求

在您安裝 DigiCert ACME 自動化代理程式前,驗證您的系統和網路是否符合基本需求。

Important

To avoid conflicts, do not install a DigiCert sensor and agent on the same system. Use a dedicated host for the sensor.

系統需求

ACME 代理程式軟體在 Linux 和 Windows 系統上執行,需要符合以下的需求:

Server type

Supported OS versions

Minimum specifications

Linux

  • Red Hat Enterprise Linux 7.x

  • Red Hat Enterprise Linux 8.x

  • Red Hat Enterprise Linux 9.x

  • Ubuntu 20.04 or later

  • 需要 64 位元版本和美國地區設定

  • 2 GB RAM (建議使用 4GB RAM)

  • 2 GB 可用硬碟空間 (基本)

  • CLI utilities awk, grep, sed, lsof, and dos2unix installed

  • Root privileges

Windows

  • Windows 10

  • Windows Server 2016

  • Windows Server 2019

  • Windows Server 2022

  • Windows Server 2025

  • 64 位元版本

  • 2 GB RAM (建議使用 4GB RAM)

  • 2 GB 可用硬碟空間 (基本)

  • Microsoft .NET Framework 4.x installed

  • Administrator privileges

網路需求

Each DigiCert agent must be able to access the network hosts described below, either directly or via proxy.

  • Direct access: If the agent does not use a proxy to connect, it must have direct access to the network hosts described below.

  • Proxy access: If the agent uses a DigiCert sensor as proxy or a third-party proxy service, it only needs access to the sensor or proxy server. In turn, the sensor or proxy server must have access to the network hosts described below.

DigiCert® ONE platform

To connect to Trust Lifecycle Manager, the agent requires access to one of the following DigiCert ONE environments.

To use the production environment, the agent must be able to connect outbound to HTTPS (TCP port 443) on the two DigiCert ONE platform URLs in one of the following regions.

To use the demo environment, the agent must be able to connect outbound to HTTPS (TCP port 443) on the two DigiCert ONE platform URLs in one of the following regions.

Service URLs

In addition to platform access, the agent must be able to connect outbound to HTTPS (TCP port 443) on the following automation and discovery service URLs.

Loopback ports

The agent binds to the following loopback ports on the local host. To adjust the loopback port numbers for an installed agent, edit the applicable configuration file/parameter in the agent conf sub-directory and restart the agent service.

Loopback port

Description

Agent conf file

Configuration parameter

58080

Local communications port for the plugin manager process used to manage certificate delivery events for Trust Lifecycle Manager.

config.toml

ControlPort

61613

Local communications port for Simple (or Streaming) Text Oriented Messaging Protocol (STOMP). Used for message queuing between the main agent process and the plugin manager process.

config.toml

StompPort

Note

Loopback ports do not require any access rules on the local firewall.

Web server hostname resolution

The DigiCert agent on each host must be able to resolve the fully qualified domain names (FQDNs) for the local web server for which it manages certificates.

The agent can resolve the web server hostname(s) via either DNS or a local "hosts" file.

What's next