Tracking domains and SSL certificates

BEFORE YOU BEGIN This feature may be hidden in your Autotask instance because it is not activated. If so, you can activate it on the > Admin > Admin Categories > Activations page. Refer to Activations.

About tracking domain and SSL certificates in Autotask

Many Datto partners are already tracking domains and SSL certificates in their Autotask instance, using device categories and custom UDFs that their technicians must update manually.

To automate this process, Autotask has added two device system categories that have been optimized for tracking domains and SSL certificates.

If you create a device using the system Domain device category and enter a domain, the DNS entries and expiration dates will be retrieved automatically. If an SSL certificate is found for the domain, you will be asked if you would like to auto-create a device for it, and associate it as a child to the newly created domain.
If you create a device using the system SSL Certificate device category and enter an SSL certificate, public details will be retrieved automatically, and private keys can be added.

NOTE If hundreds of updates are scheduled for the same time it is possible that not all auto-updates are successful the first time. Unsuccessful auto-updates are re-scheduled 1 hour later until all possible auto-updates are successful.

Domains and SSL certificates tracked this way will be monitored, and you can choose to be notified when changes occur.

The new system categories appear at the bottom of the Device Categories table. They can be inactivated, and limited editing is available. They cannot be copied, deleted, or set as the default device category in either Autotask or the Client Portal.

For general information about managing categories, refer to Managing categories.

Enabling domain & SSL certificate tracking

NOTE This feature is not included with an Essentials Autotask contract. Please contact your Kaseya Account Manager.

Customers who license Autotask Essential can manually track domains and certificates, but automated retrieval of WHOIS information, DNS records, and SSL certificates is disabled. Please contact your Datto Account Manager.

Domain and SSL Certificate device structure

Data specific to devices of the category Domain and SSL Certificate is tracked in sections in the main panel of the device. The Details and Insights panel of the devices contain the same fields and insights as those of other device categories.

Datto has not added any UDFs for the two new categories. It is, however, likely that you may want to track additional details about SSL certificates, for example:

Intermediate Chain
Certificate Signing Request
Private Key

Since these fields can contain sensitive information (especially Private Key), this information would best be stored in user-defined fields. The flexibility, added features like encryption and view tracking, and the fact that they are not required make these items better suited for UDFs. Refer to Adding a User-Defined Field and Adding a User-Defined Field to a category.

Legacy issues

If your instance of Autotask had existing device categories named either Domain or SSL Certificate, they were renamed to Domain (non-system) and SSL Certificate (non-system) when we upgraded Autotask. Items assigned these categories were not updated with the new system categories.

Updating existing domains and SSL certificates with the new system categories

IMPORTANT Once the Domain or SSL Certificate category has been selected for a device, you cannot change the category in either the UI or the API.

If you have already been using devices in Autotask to track customer domains and SSL certificates using user-defined fields, you may want to apply the new system Domain and SSL Certificate categories to your existing records, so you can take advantage of the validation, auto-updates, and expiration alerts offered by the new system category types.

NOTE If you were tracking domain and SSL certificate details using UDFs, you may want to edit the new system categories and add the UDFs to the UI, so you can compare manual entries to the ones that were automatically retrieved.

The conversion is fairly straightforward:

Go to > CRM > Search > Devices.
On the Device Search page, search for all devices that are tracking user domains and SSL certificates.
On the Export dropdown menu, select In Import Template Format.
Open the file in Excel, and apply the device category named Domain or SSL Certificate, as appropriate.
Copy the values from your non-system domain or SSL source UDFs into the system (non-UDF) Domain and SSL Source fields.

NOTE Populating these fields for devices where the category is not Domain or SSL Certificate will cause the import to fail.

Save the file.
Go to > Admin > Features & Settings > Devices > Device Import and import the modified records. Refer to Importing new records or updating existing records.

Domain and SSL certificate details will be updated with the next scheduled update. For individual records, you can use the Tools menu on the Device page or the context menu on the on the Device table to force a manual update. To update multiple domain and SSL records using the bulk menu, do the following:

Return to the Device Search page and search for all records with the Device Category Domain and SSL Certificate.
Select all domain records that were updated, and from the bulk menu, select Update Domain Details.
The Domain details are updated for all records of category Domain; SSL certificates are ignored.
Select all SSL records that were updated, and from the bulk menu, select Update SSL Certificate Details. This will trigger a forced check of the SSL Certificate details and update them accordingly.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.