Connect to a network appliance or cloud service
Connect DigiCert® Trust Lifecycle Manager to your dedicated network appliances or cloud applications to discover and automate certificate deployments.
Before you begin
You need an active DigiCert sensor to help manage the installed certificates on your external network systems. To learn more, see Deploy and manage sensors.
Add the connector
From the Trust Lifecycle Manager main menu, select Integrations > Connectors.
Select the Add connector button.
Select the applicable system type from the Appliances or Cloud services section.
Enter a friendly Name for this connector.
Select a Business unit for this connector. Only users assigned to this business unit can manage the connector.
For the Managing sensor, select an active DigiCert sensor to use to manage this connector.
Fill in the requested system details. These vary by network appliance or service type.
Network appliance/service
Required information
Notes
A10
Management IP
Management port
Username
Password
The provided credentials must be for an account with full administrator access.
Citrix ADC
Management IP
Management port
Web protocol
Web username
Web Password
SSH username
SSH password
SSH port
The provided credentials must be for an account with full administrator access.
F5 BIG-IP LTM
Management IP
Management port
Username
Password
The provided credentials must be for an account with full administrator access.
Use the Additional settings section to configure optional file management options for the F5 appliance.
AWS ELB (Application/Network)
Account ID
AWS region
Authentication method
The linked AWS account must include managed policies
AWSCertificateManagerFullAccess
andElasticLoadBalancingFullAccess
or equivalent permissions.See descriptions of available authentication methods below.
AWS CloudFront
Account ID
Authentication method
The linked AWS account must include managed policy
AWSCertificateManagerFullAccess
or equivalent permissions.See descriptions of available authentication methods below.
For AWS cloud connectors, select an authentication method to provide your login credentials.
Authentication method
Parameter
Required/Optional
Description
Default AWS credential provider chain
—
—
Provide login credentials using default AWS credential provider chain.
Self-authentication
Access key
Secret key
Required
Supply the credentials yourself.
AWS profile name
AWS profile name
Optional
Use an AWS profile name as your login credentials.
Alternatively, you can also use the AWS account ID to authenticate the login.
注意
The AWS account you connect with must have the below permissions at minimum.
For AWS ELB (Application/Network) load balancers:
ElasticLoadBalancingFullAccess
andAWSCertificateManagerFullAccess
For AWS CloudFront:
CloudFrontFullAccess
,AWSCertificateManagerFullAccess
, andIAMReadOnlyAccess
Select Add to complete the link to the network appliance or cloud service.
What's next
Once you add the network appliance/service, the system looks for existing certificates installed on it. The number of certificates found will appear on the Connectors page in the Automation targets column, and also on the main Inventory page in DigiCert® Trust Lifecycle Manager.
重要
You can add multiple connectors with different managing sensors for a single network appliance/service.
When you schedule multiple certificate automation events at the same time for a network appliance/service that has more than one managing sensor, the system equally distributes the automation requests among the sensors.
If one of the managing sensors goes down, the system automatically redistributes the scheduled automations among the remaining sensors.