APPLIES TO: All Versions
This article covers the steps required to bulk export certificates from Digicert, followed by the instructions necessary to import those certificates into the Venafi Trust Protection Platform database. This will leverage the Venafi Server Agent’s ability to discover and upload certificates into the TPP database.
NOTE: For the purposes of the instructions in this article, it is assumed that you have the necessary credentials to access Digicert’s CertCentral.
The bulk import process follows these high-level steps. Details for each step are documented below.
- Export certificates from Digicert CertCentral
- Parse text export file
- Import certificates into Venafi Trust Protection Platform
EXPORT CERTIFICATES FROM DIGICERT CERTCENTRAL
From a browser, access Digicert CertCentral using the following URL:
From the CertCentral home screen, select My Certificates at the top of the page.
Scrolling to the bottom of the My Certificates page, click Download all certs in one file located in the lower-left corner of the page.
After a few moments, your download will complete. Save the resultant text file to the system which will be scanned using the Venafi Server Agent.
PARSE THE TEXT EXPORT FILE
To parse the text file, you will need to either contact Customer Support, or make a request through your Professional Services consultant. Venafi has proprietary tools which are able to parse the text file and output the certificates as individual .crt files. This way, they can be easily imported using the Agent Bulk Import process described in the next section.
IMPORT CERTIFICATES INTO VENAFI TRUST PROTECTION PLATFORM
With the feature release of the Adaptable CA driver in version 19.1, the Trust Protection Platform is able to integrate with a multitude of Certificate Authorities and perform various functions utilizing API/SDK endpoints and custom PowerShell scripts. For instructions on importing certificates to TPP, please use the following link:
In versions 18.4 and earlier, this process leverages the Venafi Server Agent’s ability to discover and upload certificates into the TPP database. This process also properly prevents any attempt to import ‘duplicate’ certificates into the database. For instructions on performing a bulk import into TPP, please use the following link:
For instructions on how to import bulk certificates on versions prior to 17.2, use the link below: