Automate certificate lifecycle
注意
Retiring Managed Automation in CertCentral
On October 1, 2026, DigiCert will retire the Managed Automation service in CertCentral. To continue using managed automation after this date, use DigiCert® Trust Lifecycle Manager.
A Trust Lifecycle Manager Advanced subscription is required for managed automation.
Learn about moving Managed Automation to Trust Lifecycle Manager
Note: API and ACME automation are still supported in CertCentral.
Certificate lifecycle automation in CertCentral supports certificate issuance, renewal, replacement, and deployment across standard hosts, network appliances, and integrated platforms.
Important
As of February 24, 2026, all public TLS/SSL certificates have a maximum validity of 199 days. Shorter certificate lifetimes increase the frequency of renewal and reissuance. Automation reduces the manual effort required to keep certificates current and prevents service disruptions caused by expired certificates. Learn more about DigiCert annual plans for TLS/SSL certificates.
Automation capabilities include:
ACME-based certificate issuance and renewal
Agent-based and sensor-based managed automation
DNS-integrated validation workflows
Integration-driven automation with Microsoft Azure Key Vault
Automated renewal, reissuance, and replacement actions
Automation profiles define how certificates are requested, validated, renewed, and installed. Profiles automatically renew certificates before they expire, replace revoked or missing certificates, and apply consistent deployment settings across environments.
This chapter explains how to:
Confirm prerequisites and set up automation clients
Configure ACME credentials and complete ACME challenges
Create and manage automation profiles
Schedule and monitor automation events
Automate certificate renewal, replacement, and deployment
Discover unmanaged certificates and bring them under lifecycle management