Skip to main content


From an end-user's perspective, DigiCert​​®​​ Trust Assistant is a cross-platform desktop application that you can use to manage keys and certificates in your local computer. You can store both keys and certificates in built-in operating system storage or in various vendors’ hardware tokens.

It provides typical operations like key/CSR generation, the import or export of certificates with or without private keys, generates signatures and deletes data from the certificate store and PIN operations (verify, change, and reset) for hardware tokens. It can also obtain Slot Information for each key storage, reading information such as the storage name, token details, and available mechanisms.

Additionally, DigiCert​​®​​ Trust Assistant supports post-processing scripts, which facilitate the integration of third-party applications for certificate consumption after successful certificate enrollment and renewal operations.

Key features

  1. Supports per-user (administrator privilege not required) or per-computer installation

  2. Manage lifecycle of certificates, supporting operations: 

    • Generate key and Certificate Signing Request (CSR) for enrollment of certificates

    • View details of existing certificates

    • Generate signature

    • Delete certificates

    • Import and export certificates in various formats (X.509, PKCS#7, PKCS#12, GLCK)

  3. Software and hardware tokens support through PKCS#11: 

    • Software tokens: Built-in operating system key storage (Windows Certificate Store and Mac keychain)

    • Hardware tokens: eToken and YubiKey

    • PIN operation support (change and reset PIN) 

  4. Supports the execution of post-processing scripts, once the certificate is installed. See Post-processing scripts.
