Getting started: automating certificate enrollment and provisioning

By connecting Trust Protection Platform with your certificate authority (CA), you can automate the process of creating, renewing, enrolling and provisioning certificates.

Automation is a multi-step process, depending on whether or not you need Trust Protection Platform to install certificates on application servers.

The following diagram shows the end-to-end process for connecting Trust Protection Platform with your CA or application server to automate certificate provisioning.

Steps to automate certificate enrollment and provisioning

Prerequisites: Before you begin configuration tasks, review prerequisite information. See About CA driver prerequisites.

1. Create CA templates: Use Venafi's Policy Tree to create CA templates for your chosen certificate authority. See Step 1: Create CA templates.
2. (Recommended)Set up your policy tree: Although using policies is optional, you'll find that doing so makes managing your certificates, CA templates, applications, and devices easier in the long run. See Step 2: (Recommended) Set up your policy tree.
3. (Optional)Configure an application server:  If you are using an application server, carefully review it's prerequisites and related documentation and then create device and application objects on the Trust Protection Platform server. See Step 3: (Optional) Configure an application server.
4. (Recommended)Configure owners and approvers:  Determine who in your organization will own and approve the certificates. See Step 4: (Recommended) Configure contacts and approvers.
5. Create certificate objects:  With all of the pieces in place, Trust Protection Platform can automate the issuance of your certificates and install them wherever they are needed. See Step 5: Create certificate objects.