Use this endpoint to set up certificate automation for a single host.
This endpoint supports:
curl --location --request POST 'https://caas.digicert.com/automationws/v1/automation/createAutomation' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"accountId": 5153184,
"automationActionType": "ENROLL",
"divisionId": 677793,
"profileName": "22jul2020 01",
"serverLicense": 1,
"cn": "avp1.cert-testing.com",
"sans": "avp2.cert-testing.com,avp3.cert-testing.com",
"serverDetails": {
"agentLicenseKey": "FED7731D93992414",
"ip": "172.18.172.44",
"port": 440,
},
"installSettings": {
"installationType": "AUTO_INSTALL_AFTER_APPROVAL",
"isAlwaysOn": false
},
"additionalFields": {
"keySecurityType": "STYPE_FIPS"
}
}'{
"error": null,
"data": {
"message": "Successfully triggered certificate automation ENROLL for IP: 172.18.172.44 and Port: 440",
"errors": [],
"status": {}
}
}{
"error": null,
"data": {
"errors": [
{
"errorCode": "1004",
"errorField": "ip or port",
"errorMessage": "No Ip-Ports specified for automation"
}
],
"status": {}
}
}curl --location --request POST 'https://caas.digicert.com/automationws/v1/automation/createAutomation' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"accountId": 5153184,
"automationActionType": "ENROLL",
"cn": "SNIParent.winthecustomer.com",
"divisionId": 677793,
"installSettings": {
"installationType": "AUTO_INSTALL_AFTER_APPROVAL",
"isAlwaysOn": false
},
"profileName": "24Dec2020 01",
"serverDetails": {
"domainName": "SNIParent.winthecustomer.com",
"ip": "172.18.172.44",
"managementIp": "10.100.192.246",
"port": 440
}
}{
"error": null,
"data": {
"message": "Successfully triggered certificate automation ENROLL for IP: 172.18.172.44 and Port: 440",
"errors": [],
"status": {}
}
}curl --location --request POST 'https://caas.digicert.com/automationws/v1/automation/createAutomation' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"accountId": 5153184,
"isSniDefault": true,
"automationActionType": "ADD_SNI",
"divisionId": 677793,
"profileName": "22jul2020 01",
"serverLicense": 1,
"serverName": "avp1.cert-testing.com",
"cn": "avp1.cert-testing.com",
"sans": "avp2.cert-testing.com,avp3.cert-testing.com",
"serverDetails": {
"agentLicenseKey": "FED7731D93992414",
"ip": "172.18.172.44",
"virtualServerName": "/Partition2/per19",
"port": 440,
},
"installSettings": {
"installationType": "AUTO_INSTALL_AFTER_APPROVAL",
"isAlwaysOn": false
},
"additionalFields": {
"keySecurityType": "STYPE_FIPS"
}
}'{
"error": null,
"data": {
"message": "Successfully triggered certificate automation ENROLL for IP: 172.18.172.44 and Port: 440",
"errors": [],
"status": {}
}
}curl --location --request POST 'https://caas.digicert.com/automationws/v1/automation/createAutomation' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"accountId": 5153184,
"automationActionType": "ADD_SNI",
"divisionId": 677793,
"profileName": "22jul2020 01",
"serverLicense": 1,
"serverName": "avp1.cert-testing.com",
"cn": "avp1.cert-testing.com",
"sans": "avp2.cert-testing.com,avp3.cert-testing.com",
"serverDetails": {
"agentLicenseKey": "FED7731D93992414",
"ip": "172.18.172.44",
"port": 440,
},
"installSettings": {
"installationType": "AUTO_INSTALL_AFTER_APPROVAL",
"isAlwaysOn": false
}
}'{
"error": null,
"data": {
"message": "Successfully triggered certificate automation ENROLL for IP: 172.18.172.44 and Port: 440",
"errors": [],
"status": {}
}
}| Name | Req/Opt | Type | Description |
|---|---|---|---|
| accountId | required | string | Account ID. |
| isSniDefault | optional | boolean |
Whether Server Name Indication (SNI) is set to default for automation. Default: trueNOTE: For F5 and AWS load balancers, if set to true, it will not override the settings.
|
| automationActionType | optional | integer |
Certificate automation type. Default: ENROLLAllowed values: ENROLL – Order and install a new certificate.RENEW – Renew an existing DigiCert certificate that is about to expire.TRANSFER – Migrate to a DigiCert certificate from another certificate authority.DUPLICATE – Request a duplicate certificate for an existing order.Values allowed for Agent/Agentless based automation: ADD_SNI- Indicates the adding of SNI with exiting ENROLL flow. ADD_SNI_DUPLICATE- Indicates the adding of SNI duplicate with the existing DUPLICATE flow.
|
| divisionId | required | integer | Division ID. |
| profileName | optional | string | Automation profile name. |
| serverLicense | optional | integer | Server license number. |
| serverName | optional | string |
Fully qualified server name. *Required if automationActionType is selected as ADD_SNI or ADD_SNI_DUPLICATE.NOTE: For Agentless, this parameter is only required, if the load balancer is A10. |
| cn | optional | string | Common name of the certificate. |
| sans | optional | string | Comma-separated list of additional subject alternative names (SANs) to secure with automated certificate requests. |
| parentOrderId | optional* | string |
Existing order ID to be used for requesting a duplicate certificate. *Required if automationActionType is selected as DUPLICATE.
|
| additionalEmails | optional | string | Comma-separated list of additional email IDs to send certificate lifecycle notifications. |
| serverDetails | required | object | Object with server details |
| .. agentLicenseKey | optional* | string |
Agent license key. *Required for ACME automation agent flow. |
| ..domainName | optional* | string |
The domain name that you want to configure automation for. *Required only for SNI (having multiple profiles or certificates on same IP/Port) automation. |
| .. ip | required | string | The IP address that you want to configure automation for. |
| .. managementIp | optional | string |
Management IP. *Required for agentless automation flow. For more information, see Sensor automation on F5 load balancer. |
| .. virtualServerName | optional | string |
Name of the virtual server to automate. *Required if you want to add SNI in an agentless flow. NOTE: This parameter is not required for AWS load balancer. |
| .. port | required | integer | The port that you want to configure automation for. |
| .. redirectPort | optional | integer | Change the default SSL port (443) to a custom port of your choice. |
| installSettings | required | object | Object with installation settings. |
| .. installationType | required | string |
Certificate installation type. Certificate installation can either be on-demand or scheduled for a specific time. AUTO_INSTALL_AFTER_APPROVAL: Install the certificate immediately after approval (on demand).SCHEDULED_INSTALL: Schedule the certificate installation for a later date/time.
|
| .. isAlwaysOn | required | boolean |
Whether to auto-renew and install certificates. If true, you must specify autoRenewSettings in your request.Default: false
|
| .. scheduleTime | optional | integer |
Time when automation starts. Format: epoch in milliseconds. An epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: 1598299200000NOTE: Required if the installationType is SCHEDULED_INSTALL.
|
| .. scheduleTimeZone | optional | string |
Time zone for the automation. Format: GMT + your timezone offset. Example: -8#pacifictime.NOTE: Required if the installationType is SCHEDULED_INSTALL.
|
| .. autoRenewSettings | optional | object | Object with auto-renew settings. |
| .. .. daysBeforeExpiry | optional | integer |
Number of days before expiration to renew the certificate. Min: 1 day Max: Less than the certificate validity. |
| .. .. isAutoReplace | optional | boolean |
For a revoked or missing certificate, true requests and installs the certificate on the host.Default: false
|
| .. .. scheduleTime | optional | integer |
Time when automatic renewal starts on the specified relative day before certificate expiry. Format: Number of seconds (0 (00:00:00) - 86399 (23:59:59)). Example: 82800 (23:00)
|
| .. .. scheduleTimeZone | optional | string |
Time zone for the automation. Format: GMT + your timezone offset. Example: -8#pacifictime
|
| isCertTransparent | optional | boolean |
If true, enables certificate transparency (CT) logging for the host.Default: falseFor more information, see CT log monitoring service. |
| additionalFields | optional | object | Object with additional settings. |
| .. keySecurityType | optional | string |
Key security type used on F5 load balancer. *Required only if F5 load balancer is used. Allowed values: STYPE_FIPS,STYPE_Normal, STYPE_NETHSMDefault: STYPE_Normal
|
| Name | Type | Description |
|---|---|---|
| error | object | Object with error details. |
| data | object | Object with response data. |
| ..message | string | Message with details about successful creation. |
| ..errors | array | List of errors, if any. |
| ..errorCode | string | Error code. |
| .. errorField | string | The field that is missing. |
| .. errorMessage | string | Error message if request failed. |