Create automation

5 minute read

POST https://caas.digicert.com/automationws/v1/automation/createAutomation

Use this endpoint to set up certificate automation for a single host.

This endpoint supports:

Configuring automation for an ACME automation agent (agent-based automation).
Configuring a sensor to automate certificate requests on load balancers (agentless automation).

Example requests and responses

Create automation

cURL

curl --location --request POST 'https://caas.digicert.com/automationws/v1/automation/createAutomation' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw '{
    "accountId": 5153184,
    "automationActionType": "ENROLL",
    "divisionId": 677793,
    "profileName": "22jul2020 01",
    "serverLicense": 1,
    "cn": "avp1.cert-testing.com",
    "sans": "avp2.cert-testing.com,avp3.cert-testing.com",
    "serverDetails": {
        "agentLicenseKey": "FED7731D93992414",
        "ip": "172.18.172.44",
        "port": 440,
    },
    "installSettings": {
        "installationType": "AUTO_INSTALL_AFTER_APPROVAL",
        "isAlwaysOn": false
    },
     "additionalFields": {
        "keySecurityType": "STYPE_FIPS"
   }
}'

200 OK

{
    "error": null,
    "data": {
        "message": "Successfully triggered certificate automation ENROLL for IP: 172.18.172.44 and Port: 440",
        "errors": [],
        "status": {}
    }
}

Automation for SNI

cURL

curl --location --request POST 'https://caas.digicert.com/automationws/v1/automation/createAutomation' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw '{
    "accountId": 5153184,
    "automationActionType": "ENROLL",
    "cn": "SNIParent.winthecustomer.com",
    "divisionId": 677793,
    "installSettings": {
        "installationType": "AUTO_INSTALL_AFTER_APPROVAL",
        "isAlwaysOn": false
    },
    "profileName": "24Dec2020 01",
    "serverDetails": {
        "domainName": "SNIParent.winthecustomer.com",
        "ip": "172.18.172.44",
        "managementIp": "10.100.192.246",
        "port": 440
    }
}

200 OK

{
    "error": null,
    "data": {
        "message": "Successfully triggered certificate automation ENROLL for IP: 172.18.172.44 and Port: 440",
        "errors": [],
        "status": {}
    }
}

Automation for adding SNI (Agentless)

cURL

curl --location --request POST 'https://caas.digicert.com/automationws/v1/automation/createAutomation' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw '{
    "accountId": 5153184,
    "isSniDefault": true,
    "automationActionType": "ADD_SNI",
    "divisionId": 677793,
    "profileName": "22jul2020 01",
    "serverLicense": 1,
    "serverName": "avp1.cert-testing.com", 	
    "cn": "avp1.cert-testing.com",
    "sans": "avp2.cert-testing.com,avp3.cert-testing.com",
    "serverDetails": {
        "agentLicenseKey": "FED7731D93992414",
        "ip": "172.18.172.44",
        "virtualServerName": "/Partition2/per19",
        "port": 440,
    },
     "installSettings": {
        "installationType": "AUTO_INSTALL_AFTER_APPROVAL",
        "isAlwaysOn": false
    },
     "additionalFields": {
        "keySecurityType": "STYPE_FIPS"
   }
}'

200 OK

{
    "error": null,
    "data": {
        "message": "Successfully triggered certificate automation ENROLL for IP: 172.18.172.44 and Port: 440",
        "errors": [],
        "status": {}
    }
}

Automation for adding SNI (Agent)

cURL

curl --location --request POST 'https://caas.digicert.com/automationws/v1/automation/createAutomation' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw '{
    "accountId": 5153184,
    "automationActionType": "ADD_SNI",
    "divisionId": 677793,
    "profileName": "22jul2020 01",
    "serverLicense": 1,
    "serverName": "avp1.cert-testing.com", 	
    "cn": "avp1.cert-testing.com",
    "sans": "avp2.cert-testing.com,avp3.cert-testing.com",
    "serverDetails": {
        "agentLicenseKey": "FED7731D93992414",
        "ip": "172.18.172.44",
        "port": 440,
    },
    "installSettings": {
        "installationType": "AUTO_INSTALL_AFTER_APPROVAL",
        "isAlwaysOn": false
    }
}'

200 OK

{
    "error": null,
    "data": {
        "message": "Successfully triggered certificate automation ENROLL for IP: 172.18.172.44 and Port: 440",
        "errors": [],
        "status": {}
    }
}

Request parameters

Name	Req/Opt	Type	Description
accountId	required	string	Account ID.
isSniDefault	optional	boolean	Whether Server Name Indication (SNI) is set to default for automation. Default: `true` Note: For F5 and AWS load balancers, if set to `true`, it will not override the settings.
automationActionType	optional	integer	Certificate automation type. Default: `ENROLL` Allowed values: Values allowed for Agent/Agentless based automation:
divisionId	required	integer	Division ID.
profileName	optional	string	Automation profile name.
serverLicense	optional	integer	Server license number.
serverName	optional^*	string	Fully qualified server name. Required if automationActionType is selected as ADD_SNI or ADD_SNI_DUPLICATE. Note:* For Agentless automation, this parameter is only required, if the load balancer is A10.
cn	optional	string	Common name of the certificate.
sans	optional	string	Comma-separated list of additional subject alternative names (SANs) to secure with automated certificate requests.
parentOrderId	optional^*	string	Existing order ID to be used for requesting a duplicate certificate. ^*Required if `automationActionType` is selected as `DUPLICATE`.
additionalEmails	optional	string	Comma-separated list of additional email IDs to send certificate lifecycle notifications.
serverDetails	required	object	Object with server details
.. agentLicenseKey	optional^*	string	Agent license key. ^*Required for ACME automation agent flow.
.. domainName	optional^*	string	The domain name that you want to configure automation for. ^*Required only for SNI (having multiple profiles or certificates on same IP/Port) automation.
.. ip	required	string	The IP address that you want to configure automation for.
.. managementIp	optional^*	string	Management IP. ^*Required for agentless automation flow. For more information, see Sensor automation on F5 load balancer.
.. virtualServerName	optional^*	string	Name of the virtual server to automate. ^Required for agentless automation flow. Note:* This parameter is not required for AWS load balancer.
.. port	required	integer	The port that you want to configure automation for.
.. redirectPort	optional	integer	Change the default SSL port (443) to a custom port of your choice.
installSettings	required	object	Object with installation settings.
.. installationType	required	string	Certificate installation type. Certificate installation can either be on-demand or scheduled for a specific time.
.. isAlwaysOn	required	boolean	Whether to auto-renew and install certificates. If `true`, you must specify `autoRenewSettings` in your request. Default: `false`
.. scheduleTime	optional	integer	Time when automation starts. Format: epoch in milliseconds. An epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: `1598299200000` Note: Required if the installationType is SCHEDULED_INSTALL.
.. scheduleTimeZone	optional	string	Time zone for the automation. Format: GMT + your timezone offset. Example: `-8#pacifictime` Note:Required if the `installationType` is `SCHEDULED_INSTALL`.
.. autoRenewSettings	optional	object	Object with auto-renew settings.
.. .. daysBeforeExpiry	optional	integer	Number of days before expiration to renew the certificate. Min: 1 day Max: Less than the certificate validity
.. .. isAutoReplace	optional	boolean	For a revoked or missing certificate, `true` requests and installs the certificate on the host. Default: `false`
.. .. scheduleTime	optional	integer	Time when automatic renewal starts on the specified relative day before certificate expiry. Format: Number of seconds (0 (00:00:00) - 86399 (23:59:59)). Example: `82800 (23:00)`
.. .. scheduleTimeZone	optional	string	Time zone for the automation. Format: GMT + your timezone offset. Example:`-8#pacifictime`
isCertTransparent	optional	boolean	If `true`, enables certificate transparency (CT) logging for the host. Default: `false` For more information, see CT log monitoring service.
additionalFields	optional	object	Object with additional settings.
.. keySecurityType	optional	string	Key security type used on F5 load balancer. ^Required only if F5 load balancer is used. Allowed values:* Default: `STYPE_Normal`

Response parameters

Name	Type	Description
error	object	Object with error details.
data	object	Object with response data.
.. message	string	Message with details about successful creation.
.. errors	array	List of errors, if any.
.. errorCode	string	Error code.
.. errorField	string	The field that is missing.
.. errorMessage	string	Error message if the request failed.

Was this page helpful?

Provide feedback

Need more help?

Account and platform

Certificates and PKI

Signing

Devices and IoT

Other resources

Create automation

Example requests and responses

Create automation

cURL

200 OK

Automation for SNI

cURL

200 OK

Automation for adding SNI (Agentless)

cURL

200 OK

Automation for adding SNI (Agent)

cURL

200 OK

Request parameters

Response parameters