emSign CERTInext Bot
Last updated
Was this helpful?
Last updated
Was this helpful?
The emSign CERTInext Bot is a comprehensive software solution for managing digital certificates across an organization's infrastructure. It automates the process of scanning, monitoring, and renewing certificates.
The emSign Bot is available for the following operating systems:
Windows
Ubuntu
How the emSign CERTInext Bot works
The emSign Bot is deployed on your server to scan and gather certificate data.
To download the emSign Bot executable file, navigate to Integrations > Tools > emSign CERTInext Bot.
The emSign Bot needs to run as Administrator. Once installed, the bot is launched and the interface will appear on your system as shown below.
Need to set up templates and profiles for generating keys and provisioning certs, if you want to use the Bot for provisioning.
Navigate to Certificates > Bots to begin the setup.
Account Administrator Restrictions: By default, the account administrator can create only one emSign Bot. To create additional bots, the administrator must contact the account manager.
Who can create bots?
Both Resellers and Enterprise users can create emSign bots.
Filtering Bots: Use the search option or advanced search to filter and locate specific bots
Adding a new emSign bot: Click the plus (+) icon in the top-right corner to open the New emSign Bot modal.
Configuring the New Bot:
Provide the Bot Name and select the Group.
Click the “Generate Bot Token” button to complete the setup.
Activating the Bot:
Once created, the bot status will display “Activation Pending”
To activate the bot, click the "Settings" button in the action column. This will navigate to the emSign Bot View page, where you need to complete the following:
emSign Bot Information
Configure Scan targets
Set up scan schedule
Additional Information
emSign Bot Information
All relevant details, including the
Bot’s name
Group
Bot token
And status, will be pre-filled based on the emSign Bot’s configuration.
Account administrators have the option to modify the bot’s name, as shown below.
Step 1:
Enter the Account ID (10-digit Account Number of your CERTInext account).
The Account ID/Account Number is a unique number generated during creation of your CERTInext account. This can be found on your CERTInext account dashboard or in My Profile page.
Step 2:
Enter the Bot Token (Unique ID generated upon creation of a bot.
For e.g; f8368fea-d5da-4502-a39b-43e6752f3b5e)
Step 3:
Click on “Activate Bot” button. The bot starts to run and scan for the predefined targets.
The CERTInext Bot Utility provides multiple configuration options for communication, security, and deployment automation. Below is a breakdown of each setting with an explanation of what it does and when/how to use it while configuring the bot.
Communicate via Connector Bot:
This feature allows the CERTInext Bot to communicate with another instance of the bot running on a different system or network.
Useful for distributed environments where multiple bots handle different tasks and need to coordinate.
The Connector Bot serves as a key facilitator in certificate discovery and transfer. It operates on a dedicated server, scanning for certificates and securely pushing them to the requestor upon completion of the scan.
To establish communication, the Connector Bot shares its IP address and port details with the requestor. This allows the requestor bot to activate and receive the discovered certificates efficiently. The Connector Bot ensures a seamless and automated process, reducing manual intervention and enhancing security.
Once the scan is complete, the Connector Bot automatically transfers the identified certificates to the requestor. This setup ensures that the requestor receives up-to-date certificates with minimal effort, improving operational efficiency and compliance with security policies.
By acting as a bridge between certificate discovery and delivery, the Connector Bot streamlines the process while maintaining secure communication.
When to Use:
When you have multiple CERTInext Bot instances and want them to exchange information or commands.
Ideal for large enterprise setups where SSL/TLS certificate discovery, deployment, or monitoring is divided among multiple locations.
How to Configure:
Enable the checkbox “Communicate via Connector Bot.”
Enter the Connector Bot IP – This is the IP address of the bot you want to communicate with.
Connector Bot IP: This is the IP address of the secondary CERTInext Bot that the current bot will communicate with. It acts as the target endpoint for the connection between bot instances.
Enter the Connector Bot Port – The port on which the Connector Bot is listening for requests.
Connector Bot Port: Defines the port number through which communication between two CERTInext Bots occurs.
Save the settings and ensure the remote bot is correctly configured to accept connections.
Custom URL:
Allows you to define a specific URL endpoint where the bot connects, instead of using the default server settings.
Useful for custom integrations with private networks or third-party tools.
When to Use:
If your organization hosts a private CERTInext API instance and does not use the default service URL.
If you need to connect to an enterprise-specific SSL/TLS management server.
How to Configure:
Enable the “Custom URL” checkbox.
Enter the complete URL
Ensure the endpoint is reachable from your network.
Provide Proxy Details:
Enables proxy server support for bot communication.
Required when the network restricts direct internet access.
When to Use:
If your organization requires all internet traffic to go through a proxy server.
If you're behind a firewall that blocks direct outgoing connections.
How to Configure:
Enable “Provide Proxy Details”.
Enter:
Proxy IP (IP address of the proxy server)
The IP address of the proxy server that CERTInext Bot will use for outgoing requests.
Proxy Port (Port number for proxy communication).
The port number used by the proxy server for handling traffic.
Proxy Username (Only if authentication is required).
A username credential required for proxy authentication.
Proxy Password (Only if authentication is required).
The password associated with the proxy username for authentication.
Listener Port:
The port number on which the bot listens for incoming connections.
When to Use:
If the bot is expected to receive commands or data from external sources.
How to Configure:
Enable "Listener Port".
Enter a valid port number (e.g., 5000, 8443, or 9090).
Ensure the firewall allows incoming traffic on this port.
Final Steps:
Once all settings are configured:
Click "Activate Bot" to apply changes.
Verify the bot is connected and communicating properly.
If issues arise, check logs and firewall rules.
Reporting tags
The account user can add the reporting tags by clicking the "Add tag" option to map them to the bot for easy filtering.
Provide the Tag name & Tag value, Remarks and click on "Save" button to proceed.
Upon creation, the emSign bot status will change to "Active" & all relevant actions will be displayed in the grid as shown below.
Grid Actions
Run Scan: Initiates a scan based on the configured scan targets when this button is clicked.
Suspend Bot: Suspends the bot, changing its status to "Suspended."
Deactivate Bot: Deactivates the bot, setting its status to "Inactive." The bot will no longer be used.
View: Navigates to the My emSign Bots view page, where the Regenerate Bot Token and Edit buttons are available
Edit: If the account administrator needs to modify the emSign Bot information, click the "Edit" button
Regenerate Bot Token: To generate a new bot token, click the "Regenerate Bot Token" button.
