Issuing Certificates at the Speed of IoT

PKI can handle a variety of certificate deployment approaches, making PKI the most flexible deployment solution. There is no IoT deployment too large or small to fit into DigiCert's solution.

Certificate requests can be automated through our REST API, Simple Certificate Enrollment Protocol (SCEP), Enrollment over Secure Transport (EST), or using DigiCert CertCentral® certificate management platform CertCentral is designed for mass certificate issuance, reissuance, and revocations, including tools that report and monitor certificates.

To talk to an expert, call 1-855-800-3444 »

Let Us Contact You

Additional Provisioning and Deployment Features

Digicert strives to create simplified and customizable approaches to integrating highly scalable, available, and customizable IoT certificate provisioning and deployment.

Certificates Management

DigiCert's certificate management platform is design to help IoT admins manage hundreds, thousands, or even millions for IoT-device certificates. DigiCert's PKI solution is customizable to fit the needs of all certificate deployment approaches, making it one of the most flexible IoT security deployment solutions.


Cryptography changes. As a publicly trusted CA, our job is to stay up-to-date and support upcoming curves, algorithms, and hashes before they are introduced into the mainstream. We already have the necessary infrastructure, experts, and trained staff to handle vulnerabilities and deprecations that require immediate switches to a secure alternative.

Deployment Strategies

DigiCert accommodates varying deployment strategies. IoT providers choose deployment strategies based on specific needs for networks, environments, and devices.

  • CA to Service to Device
    • Service collects or batches certificates
    • Distribution to devices
  • CA to Device
    • Device requests directly
  • Enrollment Protocol
    • SCEP
    • EST
    • API directly
      • Agent
      • Software

High Availability

DigiCert boasts 99.99% server uptime. We have the systems in place to accommodate global issuance necessary for IoT deployments. High availability is vital when dealing with global certificate provisioning, verification, and revocation. Creating an infrastructure similar to this is not logistically nor economically viable for many organizations.


DigiCert's PKI platform can scale to accommodate changes for thousands to millions of certificates. Because PKI is what we do, DigiCert has made substantial investments in the infrastructure and servers needed to handle mass issuance, reissuance, and revocation to ensure continuous integrity of our PKI systems.

PKI Autoenrollment

Windows has a feature called PKI autoenrollment that can be configured to automatically issue device certificates. Because certificate issuance happens when the device logs onto the domain, devices must be joined to a domain. (Note: Autoenrollment does not work for standalone devices.) PKI enrollment can be used for certificate issuance, certificate renewal, updating certificates, removing revoked certificates, etc.

The following include a few autoenrollment services provided through DigiCert:

  • Autoenrollment of public certificates, including issuing certificates and obtaining keys
  • Autoenrollment-based renewal of certificates in the case of modifications of user or server attributes
  • Flexible lifecycle management of user and server certificates

Talk to an IoT PKI Expert

If you have specific questions about our PKI solution for securing IoT devices, please enter your information in the form below, and an IoT security expert will contact you for a personal consultation.

Request More Information
Fill out this form to request more information or call an expert at 1-855-800-3444