IIS Renewal Agent Integration Guide

Prerequisites

To get the IIS Renewal Agent working smoothly with your deployed instance of CertSecure Manager, you’ll need a few key things.

  1. Administrative privileges

    You must be logged in as a local administrator on the target machine where you want to install the agent, and IIS is running.

  2. Connectivity

    CertSecure Manager must be accessible from the machine running on the web server. To validate, try visiting https://your-certsecure-backend-url/check using a browser.

Installation

After confirming the prerequisites, you can set up the renewal agent using the installer.

Configuration and Installation

Run the Renewal agent installer as an administrator and choose the IIS renewal agent for installation.

Renewal agent installer

Steps:

  1. Mention the required details
    • Provide a unique name for the agent.
    • Provide the Site Name to which the pushed certificates will be bound.

    • Provide the URL for your CertSecure Manager backend.

      Configuring agent settings
  2. Register and run the agent

    • On the CertSecure Manager UI, go to Utilities ➡ Agents and then click on Create Registration token.

      Token generation in CertSecure Manager

    • Provide the registration token when the installer prompts to do so.

      Agent registration key

    • Provide the PFX password.

      PFX password
    • Wait for the installer to finalise the installation and then close the installer.

Validation

After the installation has finished, you can validate the installation by following these steps:

  • On the CertSecure Manager UI, go to Utilities ➡ Agents. You can see a renewal agent with the name provided during installation.

    Certsecure agents route

  • On the target machine, run services.msc and look for EC_IIS_Renewal_Agent, you can monitor and manage the renewal agent from here.

    IIS Agent
  • You can also monitor the agent logs by accessing the log file at C:/CertSecure/logs