emSign Knowledge Base
  • emSign
  • Getting Started
    • About emSign
    • Why emSign?
    • Key Highlights
      • Root Store Listings
      • Trust
      • Security
    • Certificate Lifecycle and Key Management Platform (CERTInext)
  • emSign CERTInext
    • Overview
    • Getting Started
      • Enterprise Sign up
      • Partner Sign up
      • Retail Customers
      • Multi-factor & Trusted login
        • Multifactor Authentication and Single Sign On
        • Enforce 2FA
        • IP Restrictions
        • Digital Certificate based login
      • Alerts and Notifications
    • User and Group Management
    • Ordering a Certificate
      • As a Customer
        • DV certificates
        • OV Certificates
        • EV Certificates
        • SMIME Certificates
        • Intranet SSL Certificate
        • IGTF Certificates
        • Subscription Plan Coverage for SSL Products
        • Group-based Certificates Ordering
        • Ordering using Custom Fields
      • As a Partner
        • Order for Customers
        • Order for Sub-accounts
      • Requester Approval Workflows
        • EV requests by Authorized Signatory
        • Certificate requests by Administrator
      • Submitting a Certificate Signing Request (CSR)
        • Submit CSR for Pending Orders
        • Replace CSR for Pending Orders
      • Downloading Certificates
        • Download Interim DV
        • Download Certificate
      • Post Order Actions
        • Renew Certificate
        • Revoke an issued Certificate
        • Reissue Certificate
        • Add / Remove SANs for Multi-Domain SSL
    • Management
      • Domains
      • Organizations
      • Orders
      • Products
      • Templates
        • CSR Templates
        • Provisioning Templates
    • Integrations
      • Using APIs to Order
        • REST APIs
        • ACME APIs
      • Tools
        • eMudhra Certificate Utility Tool
        • eMudhra emSign Click Tool
          • Procedure for installing Certificate in HSM
          • Procedure for Attested CSR Generation
      • CA Connectors
    • Billing & Payments
      • Add Credits
      • Invoices
      • Statement (Ledger Statement)
      • Product Price List
    • Reports
      • Orders Report
      • Overall Statistics
      • Certificates Report
      • Key Store Report
      • Key Report
      • Sales Summary
      • Audit Logs
    • Settings
      • Reporting Tags
      • Manage Schedules
      • Custom Fields
    • Certificate Lifecycle Management
      • Discover Certificates
      • emSign CERTInext Bot
    • Key Lifecycle Management
      • Manage Keys
      • Key Profiles
      • Key Store
  • Consent Management
  • Certificate Approval Process
    • Domain Validation (DV) Process
    • Organization Validation (OV) Process
    • Extended Validation (EV) Process
    • User Certificates Process
    • SMIME Certificate Process
    • Qualified Sources
  • Certificate Installation
    • Before you install
    • Browser Compatibility
    • emSign's Security Seal
    • Installing SSL Certificate on IIS
    • Installing SSL Certificate on cPanel
    • Installing SSL Certificate on Amazon Web Services (AWS)
    • Installing SSL Certificate on Apache
    • Installing SSL Certificate on Plesk 12
    • Installing SSL Certificate on NGINX
    • Installing SSL Certificate on Google App Engine
    • Installing SSL Certificate on WHM
    • Installing SSL Certificate on Ubuntu
    • Installing SSL Certificate on Tomcat
    • Installing SSL Certificate on Heroku
    • Installing SSL Certificate on Bigcommerce
    • Installing Root & Intermediate Certificates for Intranet SSL
    • Supported Devices for auto-provisioning of certificates
    • SSL/TLS Server Rating Guide
  • Release Notes
    • Introduction
    • R1619 (07-Apr-2025)
    • R1591 (10-Mar-2025)
    • R1581 (28-Feb-2025)
    • R1553 (31-Jan-2025)
    • R1522 (31-Dec-2024)
    • R1490 (29-Nov-2024)
    • R1460 (30-Oct-2024)
    • R1427 (27-Sep-2024)
    • R1371 (02-Aug-2024)
    • R1354 (16-Jul-2024)
    • R1300 (23-May-2024)
    • R1251 (04-Apr-2024)
    • R1230 (14-Mar-2024)
    • R1196 (09-Feb-2024)
    • R1167 (11-Jan-2024)
    • R1152 (27-Dec-2023)
    • R1139 (14-Dec-2023)
    • R1124 (29-Nov-2023)
    • R1115 (20-Nov-2023)
    • R1101 (06-Nov-2023)
    • R1075 (11-Oct-2023)
    • R1062 (28-Sep-2023)
    • R1046 (12-Sep-2023)
    • R1039 (05-Sep-2023)
    • R1031 (28-Aug-2023)
    • R1024 (21-Aug-2023)
    • R1001 (29-Jul-2023)
Powered by GitBook

© eMudhra. All Rights Reserved.

On this page
  • Setting up a New emSign CERTInext Bot
  • Steps to Activate the Bot
  • Other emSign CERTInext Bot capabilities

Was this helpful?

Export as PDF
  1. emSign CERTInext
  2. Certificate Lifecycle Management

emSign CERTInext Bot

PreviousDiscover CertificatesNextKey Lifecycle Management

Last updated 1 month ago

Was this helpful?

The emSign CERTInext Bot is a comprehensive software solution for managing digital certificates across an organization's infrastructure. It automates the process of scanning, monitoring, and renewing certificates.

The emSign Bot is available for the following operating systems:

  • Windows

  • Ubuntu

How the emSign CERTInext Bot works

The emSign Bot is deployed on your server to scan and gather certificate data.

To download the emSign Bot executable file, navigate to Integrations > Tools > emSign CERTInext Bot.

The emSign Bot needs to run as Administrator. Once installed, the bot is launched and the interface will appear on your system as shown below.

Need to set up templates and profiles for generating keys and provisioning certs, if you want to use the Bot for provisioning.

Setting up a New emSign CERTInext Bot

Navigate to Certificates > Bots to begin the setup.

Account Administrator Restrictions: By default, the account administrator can create only one emSign Bot. To create additional bots, the administrator must contact the account manager.

Who can create bots?

  • Both Resellers and Enterprise users can create emSign bots.

  • Filtering Bots: Use the search option or advanced search to filter and locate specific bots

  • Adding a new emSign bot: Click the plus (+) icon in the top-right corner to open the New emSign Bot modal.

Configuring the New Bot:

  • Provide the Bot Name and select the Group.

  • Click the “Generate Bot Token” button to complete the setup.

Activating the Bot:

  • Once created, the bot status will display “Activation Pending”

  • To activate the bot, click the "Settings" button in the action column. This will navigate to the emSign Bot View page, where you need to complete the following:

    • emSign Bot Information

    • Configure Scan targets

    • Set up scan schedule

    • Additional Information

emSign Bot Information

  • All relevant details, including the

    • Bot’s name

    • Group

    • Bot token

    • And status, will be pre-filled based on the emSign Bot’s configuration.

Account administrators have the option to modify the bot’s name, as shown below.

Steps to Activate the Bot

Step 1:

Enter the Account ID (10-digit Account Number of your CERTInext account).

The Account ID/Account Number is a unique number generated during creation of your CERTInext account. This can be found on your CERTInext account dashboard or in My Profile page.

Step 2:

Enter the Bot Token (Unique ID generated upon creation of a bot.

For e.g; f8368fea-d5da-4502-a39b-43e6752f3b5e)

Step 3:

Click on “Activate Bot” button. The bot starts to run and scan for the predefined targets.

Other emSign CERTInext Bot capabilities

The CERTInext Bot Utility provides multiple configuration options for communication, security, and deployment automation. Below is a breakdown of each setting with an explanation of what it does and when/how to use it while configuring the bot.

  1. Communicate via Connector Bot:

  • This feature allows the CERTInext Bot to communicate with another instance of the bot running on a different system or network.

  • Useful for distributed environments where multiple bots handle different tasks and need to coordinate.

  • The Connector Bot serves as a key facilitator in certificate discovery and transfer. It operates on a dedicated server, scanning for certificates and securely pushing them to the requestor upon completion of the scan.

  • To establish communication, the Connector Bot shares its IP address and port details with the requestor. This allows the requestor bot to activate and receive the discovered certificates efficiently. The Connector Bot ensures a seamless and automated process, reducing manual intervention and enhancing security.

  • Once the scan is complete, the Connector Bot automatically transfers the identified certificates to the requestor. This setup ensures that the requestor receives up-to-date certificates with minimal effort, improving operational efficiency and compliance with security policies.

  • By acting as a bridge between certificate discovery and delivery, the Connector Bot streamlines the process while maintaining secure communication.

When to Use:

  • When you have multiple CERTInext Bot instances and want them to exchange information or commands.

  • Ideal for large enterprise setups where SSL/TLS certificate discovery, deployment, or monitoring is divided among multiple locations.

How to Configure:

  • Enable the checkbox “Communicate via Connector Bot.”

  • Enter the Connector Bot IP – This is the IP address of the bot you want to communicate with.

    • Connector Bot IP: This is the IP address of the secondary CERTInext Bot that the current bot will communicate with. It acts as the target endpoint for the connection between bot instances.

  • Enter the Connector Bot Port – The port on which the Connector Bot is listening for requests.

    • Connector Bot Port: Defines the port number through which communication between two CERTInext Bots occurs.

  • Save the settings and ensure the remote bot is correctly configured to accept connections.

  1. Custom URL:

    • Allows you to define a specific URL endpoint where the bot connects, instead of using the default server settings.

    • Useful for custom integrations with private networks or third-party tools.

When to Use:

  • If your organization hosts a private CERTInext API instance and does not use the default service URL.

  • If you need to connect to an enterprise-specific SSL/TLS management server.

How to Configure:

  • Enable the “Custom URL” checkbox.

  • Enter the complete URL

  • Ensure the endpoint is reachable from your network.

  1. Provide Proxy Details:

  • Enables proxy server support for bot communication.

  • Required when the network restricts direct internet access.

When to Use:

  • If your organization requires all internet traffic to go through a proxy server.

  • If you're behind a firewall that blocks direct outgoing connections.

How to Configure:

  • Enable “Provide Proxy Details”.

  • Enter:

    • Proxy IP (IP address of the proxy server)

      • The IP address of the proxy server that CERTInext Bot will use for outgoing requests.

    • Proxy Port (Port number for proxy communication).

      • The port number used by the proxy server for handling traffic.

    • Proxy Username (Only if authentication is required).

      • A username credential required for proxy authentication.

    • Proxy Password (Only if authentication is required).

      • The password associated with the proxy username for authentication.

  1. Listener Port:

    • The port number on which the bot listens for incoming connections.

When to Use:

  • If the bot is expected to receive commands or data from external sources.

How to Configure:

  • Enable "Listener Port".

  • Enter a valid port number (e.g., 5000, 8443, or 9090).

  • Ensure the firewall allows incoming traffic on this port.

Final Steps:

Once all settings are configured:

  1. Click "Activate Bot" to apply changes.

  2. Verify the bot is connected and communicating properly.

  3. If issues arise, check logs and firewall rules.

Reporting tags

  • The account user can add the reporting tags by clicking the "Add tag" option to map them to the bot for easy filtering.

  • Provide the Tag name & Tag value, Remarks and click on "Save" button to proceed.

Upon creation, the emSign bot status will change to "Active" & all relevant actions will be displayed in the grid as shown below.

Grid Actions

  • Run Scan: Initiates a scan based on the configured scan targets when this button is clicked.

  • Suspend Bot: Suspends the bot, changing its status to "Suspended."

  • Deactivate Bot: Deactivates the bot, setting its status to "Inactive." The bot will no longer be used.

  • View: Navigates to the My emSign Bots view page, where the Regenerate Bot Token and Edit buttons are available

  • Edit: If the account administrator needs to modify the emSign Bot information, click the "Edit" button

  • Regenerate Bot Token: To generate a new bot token, click the "Regenerate Bot Token" button.