Integration with DigiCert SSL

Key Manager Plus facilitates integration with DigiCert signing authority, making it possible for enterprises to automate the end-to-end management of web server certificates signed and issued by DigiCert from a centralized platform. This document discusses the steps to manage the life cycle operations of SSL/TLS certificates issued by DigiCert directly from Key Manager Plus' web interface—right from importing existing orders, certificate request and provisioning, to deployment, renewal and thereupon.

Before you proceed with the integration, complete the following step as a prerequisite:


Add the following base URL and port as an exception in your firewall or proxy to ensure Key Manager Plus is able to connect to DigiCert's CA Services.
Port: 443

Follow the step-by-step procedure below to integrate DigiCert with Key Manager Plus:

1. Configure CertCentral API Key Details in Key Manager Plus

The first step to request and manage DigiCert certificates from Key Manager Plus is to link both your Key Manager Plus and CertCentral accounts by configuring your CertCentral API key details in Key Manager Plus.

Case 1: You do not have a DigiCert account

If you do not have a DigiCert account already, follow the steps below to sign up for a new account and generate your CertCentral API key. 

Case 2: You have a DigiCert account

If you have an account with DigiCert CertCentral already, all you have to do is generate your API key from the CertCentral portal and provide it in Key Manager Plus.

2. Pre-validate Organizations and Domains

(To be performed in CertCentral portal)

Before placing orders for DigiCert certificates from Key Manager Plus, it is necessary that you have your domains / organizations pre-validated from the CertCentral portal. Once the pre-validation process is complete, future certificate issuance and renewals for those domains / organizations become pretty straight forward. Refer the CertCentral user guide for a more detailed explanation on the pre-validation process.

3. Import Existing Orders

The next step is to import all certificate orders from your CertCentral portal into Key Manager Plus. To import existing orders,

4. Create a Certificate Order

Once you have successfully linked both your CertCentral and Key Manager Plus accounts by providing the API key details, you can place orders for DigiCert SSL/TLS certificates directly from Key Manager Plus.

To place a new certificate order,


  • Product name, payment, and organization fields are fetched and displayed according to the permissions provided in CertCentral portal.
  • For certificate validity, inputs given for 'Custom Expiry Date' overrides 'Validity Days' which in turn overrides the input given for 'Validity'.
  • The payment for orders placed from Key Manager Plus is handled by the CertCentral portal. Should you face any issues / discrepancies with payment, please contact the CertCentral customer support team. 

5. Certificate Issue

Note: Certificates issued are automatically added to Key Manager Plus repository, only if you have the required license count. If not, you need to renew your Key Manager Plus license before attempting to import the certificate.

6. Renew, Revoke, and Delete Certificates

You can renew, revoke, delete or request reissue for certificates or cancel certificate orders from Key Manager Plus.

To renew a certificate,

To request for a certificate reissue,

To revoke a certificate,

To delete a certificate request,

To cancel a certificate order,