Criar automação em massa

POST
https://caas.digicert.com/automationws/v1/automation/createAutomation/bulk

Use this endpoint to set up certificate automation for multiple hosts.

This endpoint supports:

  • Configuring automation for an ACME automation agent (agent-based automation).
  • Configuring a sensor to automate certificate requests on load balancers (agentless automation).

Please note that the maximum batch size supported for automation per cycle is 500 .

bash 
curl --location --request POST 'https://caas.digicert.com/automationws/v1/automation/createAutomation/bulk' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw '{
  "accountId": 5153184,
  "divisionId":677793,
  "additionalEmails": "cc.admin@cert-testing.com",  
  "sensorProfileName":"9thJuly",
  "acmeProfileName":"22jul2020 01",
  "automationActionType": "RENEW",
  "installSettings": {
    "installationType": "AUTO_INSTALL_AFTER_APPROVAL",
    "isAlwaysOn": false
  },
  "ipPortsToAutomate": [
    {
      "domainName": "SNIParent.winthecustomer.com",
      "ip": "10.100.196.228",
      "port": 900,
      "managementIp": "10.100.192.227",
      "virtualServerName": "/partition1/per18"
    },
    {
      "domainName": "SNIChild.cert-testing.com",
      "ip": "10.100.196.228",
      "port": 80,
      "managementIp": "10.100.192.227",
      "virtualServerName": "/partition1/per20"
    }
  ]
}'
200 OK 
{
  "error": null,
  "data": {
    "message": "Successfully initiated RENEW for 2 IP/Port(s), progress will be updated against individual IP/Ports",
    "ineligibleIpPorts": [],
    "errors": [],
    "status": {}
  }
}
200 OK 
{
    "error": null,
    "data": {
        "errors": [
            {
                "errorCode": "1004",
                "errorField": "installationType",
                "errorMessage": "No installationType specified for automation"
            }
        ],
        "status": {}
    }
}

Request parameters

Name Req/Opt Type Description
accountId required string Account ID.
divisionId required integer Division ID.
additionalEmails optional string Additional email IDs to send certificate lifecycle notifications.
This is a comma separated list.
sensorProfileName optional* string Name of the sensor-based (agentless) automation profile.
*Required when there is no matching profile (default or associated) for the selected IP/Ports.
acmeProfileName optional* string Name of the ACME agent automation profile.
*Required when there is no matching profile (default or associated) for the selected IP/Ports.
automationActionType optional integer Certificate automation type.
Default: ENROLL
Allowed values:
ENROLL – Order and install a new certificate.
RENEW – Renew an existing DigiCert certificate that is about to expire.
TRANSFER – Migrate to a DigiCert certificate from another certificate authority.
installSettings required object Object with installation settings.
.. installationType required string Certificate installation type.
Certificate installation can either be on-demand or scheduled for a specific time.
AUTO_INSTALL_AFTER_APPROVAL: Install the certificate immediately after approval (on demand).
SCHEDULED_INSTALL: Schedule the certificate installation for a later date/time.
.. .. scheduleTime optional* integer Time when automation starts.
Format: epoch in milliseconds.
An epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system.
Example: 1598299200000
*Required if you choose installationType as SCHEDULED_INSTALL.
.. .. scheduleTimeZone optional* string Time zone for the automation.
Format: GMT + your timezone offset.
Example: -8#pacifictime
*Required if you choose installationType as SCHEDULED_INSTALL.
ipPortsToAutomate required array A list of objects with information about the IP addresses and ports to configure automation for. Each object includes the key/value pairs listed below.
.. domainName optional* string The domain name that you want to configure automation for.
*Required only for SNI (having multiple profiles or certificates on same IP/Port) automation.
.. ip required string The IP address that you want to configure automation for.
.. port required integer The port that you want to configure automation for.
.. managementIp optional* string Management IP.
*Required for agentless automation flow.
For more information, see Sensor automation on F5 load balancer.
.. virtualServerName optional* string Name of the virtual server to automate.
*Required if you want to add SNI in an agentless flow.
NOTE: This parameter is not required for AWS load balancer.

Response parameters

Name Type Description
error object Object with error details.
data object Object with response data.
..message string Message with details about successful creation.
.. selectedIpPorts array List with automation details for the selected IP addresses and ports .
.. ineligibleIpPorts array List of IP addresses and ports from the selectedIpPorts list that are ineligible for automation.
.. errors array List of errors, if any.
.. errorCode string Error code.
.. errorField string The field that is missing.
.. errorMessage string Error message if request failed.

Sobre

DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.

©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.