MongoDB Renewal Agent Integration Guide

Prerequisites

To get the MongoDB Renewal Agent working smoothly with your deployed instance of CertSecure Manager, you’ll need a few key things.

  1. Administrative privileges

    You must be logged in as a local administrator on the target machine where you want to install the agent.

  2. MongoDB Account with Required Permissions

    To set up the renewal agent you also need a MongoDB user account with appropriate permissions.

  3. Connectivity

    CertSecure Manager must be accessible from the machine running MongoDB. To validate, try visiting https://your-certsecure-backend-url/check using a browser.

    You must also be able to connect to your MongoDB instance from the target machine; therefore, ensure that port 27017 (or your configured port) is open and accessible.

Installation

After confirming the prerequisites, you can set up the renewal agent using the installer.

Configuration and Installation

Run the Renewal agent installer as an administrator and choose the MongoDB renewal agent for installation.

Agent installer

Steps:

  1. Mention the required details
    • Provide a unique name for the agent.
    • Provide a unique service name for the agent.
    • Specify the database name for certificate storage metadata
    • Specify the database name for MongoDB Config path.
    • Provide the URL for your CertSecure Manager backend.

      Agent settings
  2. Register and run the agent
    • On the CertSecure Manager UI, go to Utilities ➡ Agents and then click on Create Registration token.
    • Provide the registration token when the installer prompts to do so. Now mention the MongoDB account credentials and authentication database (usually ‘admin’).
    • Wait for the installer to finalize the installation and then close the installer.

      Agent Registration key
      Token generation in CertSecure Manager

Validation

After the installation has finished, you can validate the installation by following these steps:

  • On the CertSecure Manager UI, go to Utilities ➡ Agents. You can see a renewal agent with the name provided during installation.
  • On the target machine, run services.msc and look for EC_MongoDB_Renewal_Agent, you can monitor and manage the renewal agent from here.
  • You can also monitor the agent logs by accessing the log file at C:/CertSecure/logs/mongodb_agent.log.

    Certsecure agents route
    Agent Service