Skip to main content
The certificate inventory shows all certificates issued within your Application. From here you can inspect details, trigger renewals, revoke certificates, and export in various formats.
To issue certificates, you’ll need an enrollment method configured for your Application.
Application Certificates

Certificate Details

Click any certificate to view its details: Metadata is preserved across renewals and can be used to filter the certificate list.

Actions

From the certificate details page, use the Options menu:

Issuing Certificates

Go to the Certificate Requests tab and click Request Certificate. Select a certificate profile and choose a request method: For automated issuance, configure an enrollment method:
  • API — Direct API calls or Infisical Agent
  • ACME — Certbot, cert-manager, and ACME clients
  • EST — RFC 7030 enrollment
  • SCEP — Mobile device management (Jamf, Intune)

Renewal

Server-driven renewal requires API enrollment with Infisical-managed keys. Enable it on the enrollment method or toggle it per-certificate.

Export Formats

Revocation

Revoke a certificate when it’s compromised or no longer needed. Specify a reason code (key compromise, superseded, etc.). Revoked certificates are added to the issuing CA’s CRL. Verify revocation status:

What’s Next?

Certificate Syncs

Push certificates to AWS ACM, Azure Key Vault, and other destinations.

Alerting

Get notified before certificates expire.

Approvals

Require human review before issuance.

Enrollment Methods

Configure how certificates are requested.