系統和網路需求

在您安裝 DigiCert ACME 自動化代理程式前，驗證您的系統和網路是否符合基本需求。

代理程式必須和自動化的 TLS/SSL 憑證安裝在相同的系統上。

系統需求

ACME 代理程式軟體在 Linux 和 Windows 系統上執行，需要符合以下的需求：

Server type	Supported OS versions	Minimum specifications
Windows	Windows 10 Windows Server 2016 Windows Server 2019 Windows Server 2022	64 位元版本 2 GB RAM (建議使用 4GB RAM) 2 GB 可用硬碟空間 (基本) Microsoft .NET Framework 4.x installed Administrator privileges
Linux	Red Hat Enterprise Linux 7.x Red Hat Enterprise Linux 8.x Red Hat Enterprise Linux 9.x Ubuntu 20.04 or later	需要 64 位元版本和美國地區設定 2 GB RAM (建議使用 4GB RAM) 2 GB 可用硬碟空間 (基本) CLI utilities `awk`, `grep`, `sed`, `lsof`, and `dos2unix` installed Root privileges

網路需求

The DigiCert agent on each host must be able to resolve the fully qualified domain names (FQDNs) for the local web server, either via DNS or a local "hosts" file.

對外連線至 HTTPS (連接埠 443)。

Region	Platform URLs¹	TCP port	Protocol
Americas (U.S.A.)	`one.digicert.com`, `clientauth.one.digicert.com`	443	HTTPS
APJ (Japan)	`one.digicert.co.jp`, `clientauth.one.digicert.co.jp`	443	HTTPS
EMEA (Netherlands)	`one.nl.digicert.com`, `clientauth.one.nl.digicert.com`	443	HTTPS
EMEA (Switzerland)	`one.ch.digicert.com`, `clientauth.one.ch.digicert.com`	443	HTTPS
_{1. For users with an on-premises DigiCert ONE deployment, the agent needs to access port 443 (HTTPS) on the local DigiCert ONE instance and ClientAuth host (for example, my-org.one.digicert.com and my-org.clientauth.digicert.com).}

In addition, the agent requires outbound access to the below host for Trust Lifecycle Manager discovery and automation services:

Region	URL	TCP port	Protocol
All regions	`automation-service.digicert.com` ¹	443	HTTPS
_{1. This service is delivered through a content distribution network (CDN) and the IP addresses may vary by region. If your organization uses IP-based allowlists, look up the automation-service.digicert.com host in your local region to determine which IP addresses to allow.}

Note

If using a local DigiCert® sensor as proxy, the agent must also be able to connect outbound to the proxy listening port on the sensor. To learn more, see Use a sensor as a proxy server.

What's next

To install an agent on a single server, see: Install and activate a DigiCert agent.
To bulk install agents on multiple servers at once, see: Install DigiCert agents in silent mode.
If your organization has a private on-premises instance of DigiCert ONE, make sure you meet the additional requirements to use DigiCert agents for certificate lifecycle automation.