Skip to main content

System Center Configuration Manager (SCCM) installation method

This topic describes the procedure to install the DigiCert​​®​​ agent application on your Windows servers using the Microsoft System Center Configuration Manager (SCCM), in silent mode.

注意

This procedure covers the installation of the agent only. It doesn’t cover the installation or configuration of SCCM.

Before you begin

Ensure that the following prerequisites are met:

  1. SCCM console is already installed on the target servers and is operational.

    You can view the target servers on the Software Library > Overview > Devices > All Desktop and Server Clients page.

  2. Type of installer:

    • .exe installer - This is the recommended installer for agent deployments, and is used in this procedure.

    • .msi installer - This is available only for specific accounts and is enabled by DigiCert engineering. For more information, contact DigiCert support.

  3. Agent executable (.exe) file is available in a shared folder (\SCCMSources) that can be accessed by the SCCM client. Agent version 3.1.7 and later is supported.

Create the application

  1. Log in to the SCCM console.

  2. From the left-side panel, navigate to Software Library > Overview > Application Management > Applications page.

  3. Select Create Application.

  4. Configure the following settings in the Create Application Wizard:

    1. Select the Manually specify the application information radio button and select Next.

    2. On the General Information screen, enter the following basic information:

      • Name - Enter a name for the application.

        For example: TLM Agent

      • Publisher - Enter DigiCert as the publisher.

      • Software version - Enter the agent version number.

        注意

        Agent version 3.1.7 and later is supported.

      You can use this information to help you identify the agent.

    3. Select Next.

    4. On the Software Center screen, the name that you entered for the application on the General Information screen is pre-filled by default. However, you can edit the name of the application here.

    5. Select Next.

    6. Select Browse next to Icon and navigate to an icon on your local file system that you want to use for the installer. Alternatively, select the .exe executable file in the shared folder, to use its icon.

    7. On the Change Icon pop-up, select the icon of your choice, and select Ok.

    8. Select Next.

Configure the deployment type

On the Deployment Types screen, do the following:

  1. Select Add.

  2. On the Import Information screen of the Create Deployment Type Wizard, do the following:

    1. From the Type dropdown, select Script Installer.

    2. Select the Manually specify the deployment type information radio button.

    3. Select Next.

  3. On the General Information screen, enter a name for the deployment, and select Next.

  4. On the Content screen, do the following:

    1. Content location - Select Browse, and navigate to the location of the shared folder (/SCCMSources).

    2. Installation program - Select Browse, and navigate to the agent-name .exe file found in the shared folder.

    3. Uninstall program - Select Browse, and navigate to the agent-name .exe file found in the shared folder.

    注意

    When importing the agent-name .exe file, you might see a message indicating that the file couldn’t be verified. Ignore this message, and select Yes to proceed.

  5. Select Next.

Install and uninstall commands

After you've configured the deployment type, you must specify the install and uninstall program commands. The install command helps the agent install silently with the required settings.

Install command

"DigiCert TLM Agent.exe" /install /quiet /norestart DCONE_HOST="demo.one.digicert.com" ACCEPTEULA=yes DOACTIVATE=1 DCAPIKEY="API_KEY" DCBUSINESSUNIT="BUSINESS_UNIT"

小心

If you don’t specify the DCONE_HOST parameter in the install command, you might encounter the following errors:

  • ERROR agent/core.go:82 Failed to provision the agent: failed to retrieve activation code: error during un-marshaling activation pay load: unexpected end of JSON input

  • INFO tls/tls.go:473 Response Status: 500 Internal Server Error

Additional install parameters

  • AGENTALIAS="my-agent-name"

  • AGENTPROXY="http://proxy.example.com:8080"

注意

To automatically render the hostname of the server as the AGENTALIAS, enter %COMPUTERNAME% as the agent alias.

Enter the install command in the Installation program field after the .exe file, as shown in 图 1 “ Install and uninstall parameters.

Uninstall command

"DigiCert TLM Agent.exe" /uninstall /norestart

Enter the uninstall command in the Uninstall program field, after the .exe file, as shown in 图 1 “ Install and uninstall parameters.

1. Install and uninstall parameters
[en] Install and uninstall parameters

Configure the detection method

  1. Select Next to configure the detection method.

  2. Select the Configure rules to detect the presence of this deployment type radio button, and select Add Clause.

  3. On the Detection Rule pop-up, configure the following:

    • Setting Type - Select Registry from the dropdown.

    • Hive - Select Browse, and select HKEY_LOCAL_MACHINE from the dropdown.

    • Key - Enter the key path.

      For example: SOFTWARE\Digicert Inc.\DigiCert TLM Agent

    • Value - Enter Installed.

      This value acts as a flag indicating that the agent has been installed successfully.

    • Data type - Enter Integer.

    • Select the following radio option: This registry setting must exist on the target system to indicate presence of this application

  4. Select Ok to save the detection method, and then select Next.

Configure user experience and create the application

  1. On the User Experience screen, configure the following:

    1. Installation behavior - Select Install for system.

    2. Logon requirement - Select Whether or not a user is logged on.

    3. Installation program visibility - Select Normal.

  2. Go through the Requirements, Dependencies, Summary, and Progress screens by selecting Next. You can retain the default settings for these screens as is.

  3. On the Completion screen, after you ensure that all tasks are completed and marked green, select Close.

    You’re returned to the Create Application Wizard.

  4. Select Next on the Deployment Types and Summary sections to start the application creation process.

    You can view the progress of the application creation process in the Progress section.

  5. Select Close to exit the wizard.

    The application is now created and ready for deployment in SCCM.

Assign the application to target servers

  1. From the left-side panel of the SCCM client, navigate to Software Library > Overview > Application Management > Applications page.

  2. Select Deployment to view the newly created active agent application.

  3. Right-click the application, and select Deploy from the list.

  4. On the Content screen, you must select the set of devices (Collection) that the agent needs for installation. To do this, select Browse > Device Collections > Target-severs, and select Ok.

  5. Select Next.

  6. On the Specify the content destination screen of the wizard, select Add > Distribution Point to add the distribution points, and then select Ok.

  7. Select Next on the Deployment Settings, User Experience, Alerts, and Summary screens to start the deployment process.

    You can view the progress of the deployment on the Progress screen.

  8. After you ensure that all deployment tasks are completed and marked green, select Close to exit the wizard.

  9. Verify that Deployment Types and Deployment columns in the Software Library > Overview > Application Management > Applications page is marked 1.

    This confirms that the application is now assigned to the collection and is ready to be installed on the designated servers.

Install the application

  1. Log in to the server where the application must be installed.

  2. Go to Control Panel > All Control Panel Items > Configuration Manager > Configuration Manager Properties.

  3. From the Actions tab, select Machine Policy Retrieval & Evaluation Cycle, and then select Run Now.

    This triggers a process that ensures the application can communicate with SCCM, and might take several minutes to complete.

  4. Go to the Software Center > Applications tab on the device, and select the agent you want to install.

    It might take several minutes for the Software Center to refresh and display the new agent.

  5. Select the agent icon, and then select Install on the Application Details page to install the agent on the server.

Verify the installation

Go to Program Files > DigiCert > Agent-name folder on the server and verify that the agent has been installed and activated.

本节内容如下: