MSSQL Renewal Agent Integration Guide

Prerequisites

To get the MSSQL Renewal Agent working smoothly with your deployed instance of CertSecure Manager, you’ll need a few key things.

  1. Administrative privileges

    You must be logged in as a local administrator on the target machine where you want to install the agent.

  2. MSSQL Server Account with Required Permissions

    To set up the renewal agent you also need a SQL Server configured with appropriate permissions.

  3. Connectivity

    CertSecure Manager must be accessible from the machine running the SQL Server. To validate, try visiting https://your-certsecure-backend-url/check using a browser.

    You must also be able to connect to your MSSQL Server instance from the target machine; therefore, ensure that port 1433 (or your configured port) is open and accessible.

Installation

After confirming the prerequisites, you can set up the renewal agent using the installer.

Configuration and Installation

Run the Renewal agent installer as an administrator and choose the MSSQL renewal agent for installation.

Renewal agent installer

Steps:

  1. Mention the required details
    • Provide a unique name for the agent.
    • Provide Path to MS SQL Server.

    • Provide the URL for your CertSecure Manager backend.

      Agent configuration
  2. Register and run the agent
    • On the CertSecure Manager UI, go to Utilities ➡ Agents and then click on Create Registration token.
    • Provide the registration token when the installer prompts to do so.
    • Now mention the MSSQL Server account credentials (SQL Authentication or Windows Authentication).

    • Wait for the installer to finalize the installation and then close the installer.

      Token generation in CertSecure Manager
      Agent registration key

Validation

After the installation has finished, you can validate the installation by following these steps:

  • On the CertSecure Manager UI, go to Utilities ➡ Agents. You can see a renewal agent with the name provided during installation.
  • On the target machine, run services.msc and look for EC_MSSQL_Renewal_Agent, you can monitor and manage the renewal agent from here.
  • You can also monitor the agent logs by accessing the log file at C:/CertSecure/logs/mssql_agent.log.

  • Connect to SQL Server Management Studio and verify SSL certificate bindings in SQL Server Configuration Manager.

    CertSecure agents route
    Agent service