Info: DigiCert Certificate Authority Driver


DigiCert is a pluggable certificate authority (CA) driver of Venafi Encryption Director (VED). The purpose of the driver is to request SSL certificates from the DigiCert CA based on the selected product type. When interacting with Digicert through a script or the Venafi Director product you must request and obtain an API key from DigiCert for your account access.

More Info:

First create the 'Certificate Authority' object:

Creating Certificate Authority Object KB

Steps to configure the DigiCert object:

Complete the DigiCert object:

  1. General
    • Description - Create a description for the DigiCert object.
    • Contact - User or group identities to be assigned to this object. The default notifications are sent to these contacts. 
  2. Account Settings
    • API Key - Key is needed to connect to the DigiCert web service. Contact DigiCert if you don't have the API key. (An NDA is required with DigiCert).
    • Account Number - The DigiCert account number to authenticate with DigiCert.
    • Validate - After entering the API Key and the Account Number, click on the Validate button to validate the web service connection and to retrieve product names, enabled options and available validity periods. 
  3. Options
    • Product Name - Drop down list of the available product types. Choose the type of certificate this object will request. 
    • Manual Approval - This check box is to show whether approval of certificate request is manual or automatic.  DigiCert automatically approves all non-extended validation (EV) certificates.
    • Subject Alt Name Enabled - If the check box is enabled, your account supports Subject Alt Name (SAN). Selecting this option means the object will support SANs. 
    • Extended Validation - If the check box is enabled, your account supports Extended Validation (EV). Check the box if this object is to be used to request Extended Validation certificates. 
  4. Validity Period
    • Available Validity Periods (Years) - Lists the available validity periods, in years, for the selected Product Name.
    • Supported Validity Periods (Years) - Choose the validity period(s) from the Available Validity Periods that this object will support. These values will be available for selection on the Certificate object if this instance of the DigiCert CA object is chosen. 

After completing all of the entries, click on the 'Apply' button to save the settings. 

Associating the DigiCert CA object to a Certificate object:

Now either create a new certificate object or navigate to an existing certificate object. Select the ‘Settings’ tab and for ‘CA Template’ in the ‘Other Information’ section, choose the DigiCert CA object you just created above. Select the new ‘DigiCert’ tab that will appear on the tab panel above.

Complete the remaining certificate-specific DigiCert CA fields:

  1. Settings
    • Validity Period – The amount of time, in years, this certificate will be issued for. This list show only the supported validity periods that were selected in the above created DigiCert CA object.
    • Server Type – The type of server that the certificate is being placed on. This information can be used by the organization for reporting purposes.
  2. Additional Organization Info
    • Street Address – The street address of the organization that the certificate is being issued to. 
    • Zip – The zip code of the organization that the certificate is being issued to. 

After completing all of the entries, click on the 'Apply' button to save the settings.  

Was this article helpful?
0 out of 0 found this helpful