Switchy
Sign up
otherapi_key

Digicert

DigiCert is a leading provider of high-assurance TLS/SSL, PKI, IoT, and signing solutions, enabling secure digital interactions worldwide.

Verdict

The DigiCert MCP gives teams direct access to certificate management and account administration tools inside Switchy. @mention it to audit SSL/TLS certificates, check user permissions, manage API keys, or update compliance reports without leaving your workspace. Security engineers and DevOps teams use it to verify certificate chains, rotate credentials, and pull user lists during incident response. You'll need a DigiCert CertCentral API key with appropriate scopes — the MCP can't issue or revoke certificates directly, but it handles the operational tasks around them.

Common use cases

  • Audit certificate chains during security reviews
  • Rotate API keys after team member offboarding
  • Pull user lists for compliance reporting
  • Verify permissions before deploying new services
  • Update scheduled report recipients after org changes

Integration

Vendor
Digicert
Category
other
Auth
API_KEY
Tools
6
Composio slug
digicert

Tools

  • Check Permission

    Tool to check if a specific permission is available. use when validating that the authenticated user may perform an operation before attempting it.

  • Create API Key

    Tool to create a new api key with specified permissions. use when you have a valid digicert user id and need to generate a new key. note the api key appears only once; save it securely.

  • List API Access Roles

    Tool to retrieve a list of available api access roles. use after confirming authentication with an api key.

  • List CertCentral Users

    Tool to retrieve a list of certcentral account users. use when you need to audit or manage users with support for pagination and optional detail inclusion.

  • List Intermediate Certificates

    Tool to retrieve a list of intermediate certificates. use when you need to list all intermediate certificates for your account. no input required.

  • Update Report

    Tool to update an existing report’s configuration. use when you need to modify the schedule, recipients, or format of a scheduled report.

Setup

Setup guide

  1. 11. In Switchy, open your workspace settings and navigate to the MCP integrations page. 2. Select DigiCert from the available integrations and click Connect. 3. You'll be prompted to enter your DigiCert CertCentral API key — generate one in your DigiCert account under Account > API Keys, granting scopes for certificate read, user management, and report access depending on which tools you need. 4. Paste the key into Switchy and click Authorize. 5. Switchy confirms the connection by testing a lightweight permission check. 6. Open any Space and type '@DigiCert list intermediate certificates' to verify the integration works — you should see a list of your account's intermediate certs. 7. If the test fails, double-check the API key hasn't expired and has the required scopes enabled in CertCentral.

What teammates see: by default, memories from Digicert are scoped to the Space (PROJECT visibility) - you can mark any memory PRIVATE or share it ORG-wide.

Works well with

Top models

Compatibility data appears once enough Spaces have used this MCP together with a given model.

How Switchy teams use it

Not enough Spaces yet to publish anonymised usage stats (we require ≥ 50 Spaces per week).

Starter prompts

List All Intermediate Certs

@DigiCert list all intermediate certificates in our account
Open in a Space →

Check User Permission

@DigiCert check if user ID 12345 has permission to issue certificates
Open in a Space →

Audit CertCentral Users

@DigiCert list all CertCentral users with full details for our quarterly access review
Open in a Space →

Generate New API Key

@DigiCert create a new API key for user ID 67890 with certificate read and user management permissions
Open in a Space →

Update Compliance Report

@DigiCert update report ID 456 to send weekly summaries to security@company.com in PDF format
Open in a Space →

Example outputs

Illustrative - representative of the model's voice and quality, not literal recordings.

Prompt

@digicert list all intermediate certificates in our account and show me which ones expire in the next 90 days

Output

Retrieved 8 intermediate certificates from your DigiCert account. Three certificates are expiring within 90 days: 'DigiCert TLS RSA SHA256 2020 CA1' (expires March 15, 2025), 'DigiCert Global G2 TLS RSA SHA256 2020 CA1' (expires April 2, 2025), and 'DigiCert SHA2 Secure Server CA' (expires April 28, 2025). The remaining five certificates have expiration dates beyond June 2025. This illustrative example shows the type of certificate inventory data the MCP would return.

Notes

This example demonstrates read-only certificate discovery. The MCP requires valid API key authentication with certificate-read permissions. Actual certificate lists vary by account configuration and may include dozens or hundreds of entries depending on your organization's PKI footprint.

Prompt

@digicert create a new API key for user ID 847392 with permissions for certificate management and order placement

Output

Successfully created API key for user ID 847392. Key ID: ak_3f8d9a2b1c4e5f6g. Permissions granted: certificate_management, order_placement. **Important**: The full API key value 'ak_3f8d9a2b1c4e5f6g_7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w' appears only once and cannot be retrieved again. Store this securely in your secrets manager. This illustrative example shows the key creation confirmation format.

Notes

This write operation creates a permanent credential with specified permissions. You must have admin-level access to create API keys for other users. The MCP cannot retrieve the key value after creation, so the response must be captured immediately. Consider checking permissions first using the Check Permission tool.

Prompt

@digicert review our CertCentral users and identify anyone with admin access who hasn't logged in during the last 6 months

Output

Retrieved 23 CertCentral users from your account. Cross-referencing admin roles with last login timestamps: 4 users have admin access with no login activity in the past 180 days: jsmith@company.com (last login: August 2024), mwilson@company.com (last login: July 2024), agarcia@company.com (last login: June 2024), and rjohnson@company.com (last login: May 2024). These accounts may represent security risks for credential compromise. This illustrative example combines user listing with AI analysis of access patterns.

Notes

This synthesis example pairs the List CertCentral Users tool with AI reasoning to identify security risks. The MCP provides raw user data including roles and login timestamps; the AI performs the temporal analysis. Actual user counts and activity patterns depend on your organization's size and access policies.

Use-case deep-dives

Certificate audit for compliance team

When Digicert MCP makes quarterly cert audits faster

A 6-person security team runs quarterly audits of SSL certificates across 40 customer-facing domains. They need to pull intermediate cert lists, verify who has API access, and update report schedules so finance gets the renewal forecast. The Digicert MCP is the right call here because it consolidates three manual tasks—listing intermediates, auditing CertCentral users, and tweaking report configs—into one Switchy workflow. The team saves 90 minutes per quarter by skipping the web console. The trade-off: if you're only checking one or two certs ad-hoc, logging into CertCentral is faster than configuring the MCP. But for recurring audits or bulk operations, this MCP pays off immediately. Add it to your Switchy workspace if certificate management is a scheduled team ritual, not a one-off task.

Onboarding engineer API key provisioning

Digicert MCP for self-service developer onboarding

A 12-person DevOps team onboards two engineers per month who need Digicert API keys to automate cert renewals in CI/CD pipelines. The lead engineer uses the Digicert MCP to check permissions, list available roles, and create API keys with the correct scopes—all from a Switchy chat without touching the admin panel. This works because the MCP's Create API Key tool surfaces the key exactly once, and the engineer can paste it directly into the new hire's 1Password vault. The boundary: if your onboarding cadence is slower than once a quarter, the manual web flow is fine. But if you're scaling a team or rotating keys frequently, the MCP cuts onboarding time from 20 minutes to 3. Use it when API key provisioning is a repeating workflow, not a rare event.

Customer support certificate troubleshooting

When Digicert MCP speeds up support ticket resolution

A 5-person support team fields 15 tickets per week about certificate errors—expired intermediates, misconfigured chains, or missing renewals. The support lead uses the Digicert MCP to list intermediate certificates and check user permissions while on a call with a customer, then updates the renewal report schedule to catch the next expiration window. This scenario works because the MCP's 6 tools cover the most common support queries without forcing the agent to escalate to a Digicert admin. The limit: if your support volume is under 5 cert-related tickets per month, the context-switching cost of adding another MCP outweighs the time saved. But for teams handling certificate issues weekly, the MCP turns a 10-minute admin lookup into a 2-minute inline check. Add it if certificate troubleshooting is a recurring support burden.

Frequently asked

What does the DigiCert MCP do in Switchy?

It connects your DigiCert CertCentral account so AI agents can check certificate inventory, manage API keys, audit user permissions, and update report configurations. You can ask questions like 'show me all intermediate certs' or 'who has admin access in CertCentral' without logging into the DigiCert portal. Useful for security teams running audits or automating certificate lifecycle tasks.

Do I need a DigiCert admin account to set this up?

You need a DigiCert API key with appropriate permissions for the operations you want to run. The MCP includes a Check Permission tool to validate access before attempting actions. If you're creating new API keys or listing users, you'll need elevated privileges in CertCentral. Standard certificate read operations typically require fewer permissions.

Can the DigiCert MCP issue or revoke SSL certificates?

No. This MCP focuses on account management and reporting — listing certificates, checking permissions, managing API keys, and updating scheduled reports. It doesn't handle certificate issuance, renewal, or revocation. For those workflows, you'll still use the DigiCert portal or their dedicated certificate management APIs directly.

Why use this instead of the DigiCert API directly?

The MCP wraps DigiCert's API so you can query certificate data and user permissions in plain English alongside other tools in Switchy. Instead of writing scripts to check who has access or pull intermediate cert lists, you ask an agent. It's faster for ad-hoc audits and compliance checks, especially when you're already using Switchy for other security workflows.

Who on the team should connect the DigiCert integration?

Whoever owns your organization's DigiCert CertCentral account and can generate API keys with the right scopes. Typically a security engineer or IT admin. Once connected in Switchy, any team member with access to the shared workspace can query certificate data or run permission checks through the agent, without needing their own DigiCert credentials.

Data last verified 607 hours ago.Sources aggregated hourly to weekly. See docs/architecture/model-directory.md.