Skip to main content

Assign scripts to an agent

To start using your own scripts to customize agent-based automations, you need to assign the scripts to the applicable agents in DigiCert​​®​​ Trust Lifecycle Manager.

Note

This page describes how to assign SNI information or pre/post-installation scripts for a single agent. To assign these script types to multiple agents at once, see Bulk assign scripts to multiple agents.

To learn about the use of custom automation scripts with your agents, see 設定受管理的自動化的自訂應用.

Before you begin

Before assigning any script type to your DigiCert agents:

  • Store the script in each agent's local user-scripts directory.

  • Add the script in Trust Lifecycle Manager to configure and make it available.

  • Make sure each agent is running software version 3.0.8 or above. To update the software on an agent, see Manage agents.

Verify scripts in agent details

To view the details for a DigiCert agent in Trust Lifecycle Manager:

  1. From the Trust Lifecycle Manager main menu, select Discovery & automation tools > Agents.

  2. Select any agent by name to view the details for it.

Any currently configured scripts for the agent are shown in the following sections in the agent details:

  • Server Name Information (SNI): If SNI is enabled for the agent, this section shows whether the SNI domains are entered manually or learned dynamically via an SNI information script.

  • IP/port targets: Includes any IP/port targets on the agent configured to use a custom automation script.

  • Pre/post-install scripts: Shows any pre-installation or post-installation scripts assigned to the agent, per web server application.

Assign an SNI information script

To assign an SNI information script to a DigiCert agent so it can learn SNI domains dynamically:

  1. From the Trust Lifecycle Manager main menu, select Discovery & automation tools > Agents.

  2. Select the pencil (edit) icon on the right of the agent details page to update the agent configuration.

  3. In the Server Name Indication (SNI) section:

    1. Make sure SNI is enabled. If not, toggle it On.

    2. Select the option to configure SNI domains through a Server-side script.

    3. Select the name of the script to use from the dropdown list.

  4. Select the Update button at bottom to save your changes.

Important

After updating the SNI configuration, run the Refresh configuration action on the agent to force activation of the SNI domains and discover any existing SNI certificates for them. Otherwise, the updated SNI domains won't become active until the agent runs its daily refresh operation.

Assign a pre- or post-installation script

To an assign a pre- or post-installation script to a DigiCert agent to execute before or after installing a certificate in an automation event:

  1. From the Trust Lifecycle Manager main menu, select Discovery & automation tools > Agents.

  2. Select the pencil (edit) icon on the right of the agent details page to update the agent configuration.

  3. In the Pre/post-install scripts section:

    1. Select any web server applications for which you want to run a pre- or post-installation script when automating certificates.

    2. After selecting a web server application, use the dropdowns to select the specific Pre-installation script and/or Post-installation script you want to run when installing a certificate for that application.

  4. Select the Update button at bottom to save your changes.

What's next

Any pre/post-installation scripts you assigned to the agent will run during the next and subsequent certificate automation events for the applicable web server applications.

You can override the assigned pre/post-installation scripts on a one-time basis when scheduling an automation event in Trust Lifecycle Manager.