DigiCert
SecTrail CM integrates with the DigiCert API service to centrally manage ordering, renewal, and revocation of SSL/TLS certificates.
Connection Requirementsβ
| Requirement | Detail | Description |
|---|---|---|
| Protocol | REST API (HTTPS) | DigiCert REST API is used |
| API Endpoint | https://www.digicert.com/services/v2/ | DigiCert API v2 service |
| Authentication | API Key Authentication | Authentication with API Key |
| User Permission | DigiCert API Access | Certificate order, query, and management permission |
Automatic Operationsβ
SecTrail CM automatically performs the following operations on DigiCert:
- Certificate Order: Creating a new SSL/TLS certificate request
- Order Query: Viewing the status of existing certificate orders
- Certificate Renewal: Renewing certificates about to expire
- Certificate Revocation: Revoking certificates that are no longer used or compromised
- Certificate Download: Automatic downloading of issued certificates
Configuration Stepsβ
1. Add DigiCert Profileβ
Navigate to Integrations > DigiCert and click the Add New DigiCert Profile button:
Enter the following information:
- Name: Give a descriptive name for the profile
- URL: DigiCert API endpoint address
https://www.digicert.com/services/v2/
- API Key: Your DigiCert API key
- Proxy: Proxy usage (Enable/Disable)
Click Submit button to save the profile.
You can create your DigiCert API key from the DigiCert account management panel. Ensure that the API key has sufficient permissions.
2. View DigiCert Accountsβ
After adding a profile, it will be displayed in the Integrations > DigiCert list:
The list screen displays the following information:
- Name: Profile name
- URL: API endpoint address
- Domain Details: Associated domain information
Account Operationsβ
The following operations can be performed for each profile:
- Refresh: Refresh profile information
- Edit: Edit profile settings
- Delete: Delete profile
View Certificate Ordersβ
After DigiCert integration, you can view all your certificate orders:
Navigate to Integrations > DigiCert > Orders:
Order Informationβ
| Field | Description |
|---|---|
| Created At | Certificate request date and time |
| Order | DigiCert order number |
| Common Name | Domain name where the certificate will be used |
| Product | Certificate product type (e.g., RapidSSL Standard DV) |
| Status | Certificate status (Issued, Expired, Renewed, Revoked) |
| Days | Remaining/elapsed validity period (in days) |
Certificate Statusesβ
- Renewed: Certificate renewed and active
- Expired: Certificate expired (negative day value)
- Revoked: Certificate revoked
- Issued: Certificate successfully issued and active
Certificate Managementβ
Download Certificate (Fetch)β
To download issued certificates:
- Navigate to Integrations > DigiCert > Orders
- Find the certificate you want to download
- Click Fetch Certificate button
- Certificate is automatically downloaded and added to the system
Certificates issued by DigiCert can be automatically downloaded to the system. This feature eliminates the need for manual downloading.
Certificate Renewal (Renew)β
To renew certificates about to expire:
- Navigate to Integrations > DigiCert > Orders
- Find the certificate you want to renew
- Click Renew Certificate button
- Confirm the renewal
It is recommended to start renewing certificates at least 30 days before the expiration date. Negative values in the "Days" column indicate expired certificates.
Certificate Revocation (Revoke)β
To revoke compromised or no longer used certificates:
- Navigate to Integrations > DigiCert > Orders
- Find the certificate you want to revoke
- Click Revoke Certificate button
- Confirm the revocation
Once a certificate is revoked, this action cannot be undone. A revoked certificate can no longer be used.