Menu

Automation

May 18, 2026

OVERVIEW: This page provides instructions on all automation workflows, including automated certificate renewal, deployment tasks, and Discovery auto‑scans, are executed by the Automation Service. Automated certificate renewal and deployment can be configured once you have an existing certificate, either issued from or imported to TLS Connect.

The Automation Service runs as a Windows service on the TLS Connect server. When running, it operates in the background and periodically checks whether any automation tasks are due to run based on their configured schedules.  

This feature is for Premium licenses only. For more information and frequently asked questions, please refer to this page.

Activate the Automation Service 

  1. Open the TLS Connect application and navigate to the Automation > Dashboard tab. 

  2. Click Install Service. This installs the TLS Connect Automation Service in Windows Services. The service status will read “Stopped.” 

  3. Click Start Service to run in the background and begin running automation tasks. The service status will read “Running.” 

  4. Click Stop Service to pause the service from running and all automation activity. The service status will read “Stopped.” 

  5. Click Uninstall to remove the service. The service status will read “Not Installed.” 

 

Configure Automation Agents 

If you want TLS Connect to deploy certificates to other Windows or Linux servers, you need an agent so that the server can communicate with TLS Connect. You should have received the agent file from your Account Manager during the onboarding process. If you are missing the file, reach out to your Account Manager to receive it.

  1. Place the agent.exe file on the target server. The target server should be on the same network as the server that has the TLS Connect instance.

  2. Open a text editor on the same server as the agent.exe file and paste the following text into the file:

    { 
  "Hub": { 
    "BaseUrl": "http://127.0.0.1:5086" 
  }, 
  "Auth": { 
    "Mode": "Hmac" 
  }, 
  "Polling": { 
    "IntervalSeconds": 3 
  } 
}

  3. Change the BaseURL to the server’s IP address and port. 

  4. You may optionally modify the frequency that the agent will communicate with TLS Connect by changing the “IntervalSeconds” value.

  5. When finished, save the .json file.

  6. Run the agent.exe file to verify the configuration of the agent. If the message returned says “No task. Polling will stay quiet until a task arrives.” then the agent is active and ready for use. 

  7. Open the TLS Connect application and navigate to the Automation > Agent Hub Logs to view your connected servers. You can check the status of this server by clicking Refresh Logs.

 

Create an Automation Profile 

Automation profiles define where certificates are deployed when an automation task runs. 

  1. Open the TLS Connect application and navigate to the Automation > Server Profiles tab. 

  2. Click Create Profile

  3. You can name the profile something unique by clicking the Edit (blue pencil) icon next to the profile name. 

  4. Click Add Targets and add one or more deployment targets, such as: 

    1. Servers 

    2. Cloud platforms 

    3. Network appliances 
      You must have agents deployed to servers, and your cloud platforms/network appliances must be configured in TLS Connect to use this feature. Multiple targets can be included in a single automation profile.

  5. Click the Edit (blue pencil) icon to configure deployment rules for the profile. 

 

Create an Automation Task 

Automation tasks define when certificates are renewed and which deployment profile is used. 

  1. Navigate to Automation > Cert Config

  2. Click New Task

  3. Enter a name for the task in the Task Name field. 

  4. Select the GlobalSign issuing platform, along with the appropriate issuing profile or product. 

  5. Specify how many days before certificate expiration the renewal task should run.  

  6. Select a certificate from the Source Certificate drop-down menu. 
    This certificate serves as a template for renewed certificates. 

  7. Select the automation profile you created earlier in the Deployment Profile drop-down menu. 

  8. Click Save Task

From Automation > Dashboard you can view, modify, pause, or resume automation tasks. The dashboard also displays the number of tasks that are currently pending execution. 
 

Task Frequency and Execution 

You can control how often the Automation Service checks for pending tasks. 

From the Automation > Dashboard screen, you can: 

  • Configure how frequently the Automation Service runs 

  • Specify a daily execution time 

  • Click Run Once to manually trigger the Automation Service immediately. 

 

Deactivate Automation Agent

You can deactivate an automation agent in two ways:

  1. You can “stop” the agent’s Windows service, or delete it entirely. The status of the agent will be reflected in the TLS Connect UI.

  2. You can permanently deactivate the agent from the TLS Connect UI.

    1. Open the TLS Connect application and navigate to the Automation > Server Profiles tab. 

    2. Choose the server profile and then click + Add Target and then click Add Agent Server (Windows/Linux).

    3. Select the server and then click Delete Selected. This will permanently remove the agent from the server. This action cannot be undone. To re-add a deleted agent, you will need to add it again to the server with new credentials.

GlobalSign System Alerts

View recent system alerts.

View Alerts

Atlas Discovery

Scan your endpoints to locate all of your Certificates.

Sign Up

SSL Configuration Test

Check your certificate installation for SSL issues and vulnerabilities.

Contact Support