Automation Introduction

Certificate Lifecycle Automation allows your certificates to always be up to date with your security policy without interrupting your services unexpectedly, and without need of tiring manual operations.

The following elements are needed to allow this behavior to take place:

  • horizon-cli: The horizon client. Installed on your server machine, it will communicate with Horizon to know when to perform the certificate change, and it will install the new certificate automatically. This feature is only available since client version 1.6.0.

On EverTrust Horizon side:

  • Execution policies: Define when the interruption of service to switch the certificate should take place.

  • Automation policies: Define what profile to enroll the certificates on, and also various cryptographic parameters.

  • Profiles: Define on which protocol and PKI your certificate is enrolled, and its contents. Automation is available on SCEP, ACME and EST profiles.