Skip to main content

Create automation

POST https://caas.digicert.com/automationws/v1/automation/createAutomation

Use this endpoint to set up certificate automation for a single host.

This endpoint supports:

  • Configuring automation for an ACME automation agent (agent-based automation).

  • Configuring a sensor to automate certificate requests on load balancers (agentless automation).

Example requests and responses

Create automation

Automation for SNI

Automation for adding SNI (Agentless)

Automation for adding SNI (Agent)

Request parameters

Name

Req/Opt

Type

Description

accountId

required

string

Account ID.

isSniDefault

optional

boolean

Whether Server Name Indication (SNI) is set to default for automation.

Default: true

Note: For F5 and AWS load balancers, if set to true, it will not override the settings.

automationActionType

optional

integer

Certificate automation type.

Default: ENROLL

Allowed values:

  • ENROLL – Order and install a new certificate.

  • RENEW – Renew an existing DigiCert certificate that is about to expire.

  • TRANSFER – Migrate to a .DigiCert certificate from another certificate authority

  • DUPLICATE – Request a duplicate certificate for an existing order.

Values allowed for Agent/Agentless based automation:

  • ADD_SNI – Indicates the adding of SNI with exiting ENROLL flow.

  • ADD_SNI_DUPLICATE – Indicates the adding of SNI duplicate with the existing DUPLICATE flow.

divisionId

required

integer

Division ID.

profileName

optional

string

Automation profile name.

serverLicense

optional

integer

Server license number.

serverName

optional*

string

Fully qualified server name.

*Required if automationActionType is selected as ADD_SNI or ADD_SNI_DUPLICATE.

Note: For Agentless automation, this parameter is only required, if the load balancer is A10.

cn

optional

string

Common name of the certificate.

sans

optional

string  

Comma-separated list of additional subject alternative names (SANs) to secure with automated certificate requests.

parentOrderId

optional*

string  

Existing order ID to be used for requesting a duplicate certificate.

*Required if automationActionType is selected as DUPLICATE.

additionalEmails

optional

string  

Comma-separated list of additional email IDs to send certificate lifecycle notifications.

 serverDetails

required

object

Object with server details

.. agentLicenseKey

optional*

string

Agent license key.

*Required for ACME automation agent flow.

.. domainName

optional*

string

The domain name that you want to configure automation for.

*Required only for SNI (having multiple profiles or certificates on same IP/Port) automation.

.. ip

required

string

The IP address that you want to configure automation for.

.. managementIp

optional*

string

Management IP.

*Required for agentless automation flow.

For more information, see Sensor automation on F5 load balancer.

.. virtualServerName

optional*

string

Name of the virtual server to automate.

*Required for agentless automation flow.

Note: This parameter is not required for AWS load balancer.

.. port

required

integer

The port that you want to configure automation for.

.. redirectPort

optional

integer

Change the default SSL port (443) to a custom port of your choice.

installSettings

required

object

Object with installation settings.

.. installationType

required

string

Certificate installation type.

Certificate installation can either be on-demand or scheduled for a specific time.

  • AUTO_INSTALL_AFTER_APPROVAL: Install the certificate immediately after approval (on demand)

  • SCHEDULED_INSTALL: Schedule the certificate installation for a later date/time.

.. isAlwaysOn

required

boolean

Whether to auto-renew and install certificates.

If true, you must specify autoRenewSettings in your request.

Default: false

.. scheduleTime

optional

integer

Time when automation starts.

Format: epoch in milliseconds.

An epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system.

Example: 1598299200000

Note: Required if the installationType is SCHEDULED_INSTALL.

.. scheduleTimeZone

optional

string

Time zone for the automation.

Format: GMT + your timezone offset.

Example: -8#pacifictime

Note: Required if the installationType is SCHEDULED_INSTALL.

.. autoRenewSettings

optional

object

Object with auto-renew settings.

.. .. daysBeforeExpiry

optional

integer

Number of days before expiration to renew the certificate.

Min: 1 day

Max: Less than the certificate validity

.. .. isAutoReplace

optional

boolean

For a revoked or missing certificate, true requests and installs the certificate on the host.

Default: false

.. .. scheduleTime

optional

integer

Time when automatic renewal starts on the specified relative day before certificate expiry.

Format: Number of seconds (0 (00:00:00) - 86399 (23:59:59)).

Example: 82800 (23:00)

.. .. scheduleTimeZone

optional

string

Time zone for the automation.

Format: GMT + your timezone offset.

Example: -8#pacifictime

isCertTransparent

optional

boolean

If true, enables certificate transparency (CT) logging for the host.

Default: false

For more information, see CT log monitoring service.

additionalFields

optional

object

Object with additional settings.

.. keySecurityType

optional

string

Key security type used on F5 load balancer.

*Required only if F5 load balancer is used.

Allowed values:

  • STYPE_FIPS

  • STYPE_Normal

  • STYPE_NETHSM

Default: STYPE_Normal

Response parameters

Name

Type

Description

error

object

Object with error details.

data

object

Object with response data.

.. message

string

Message with details about successful creation.

.. errors

array

List of errors, if any.

.. errorCode

string

Error code.

.. errorField

string

The field that is missing.

.. errorMessage

string

Error message if the request failed.