Certificate Provisioning

Certificate Provisioning is a process in which a certificate is injected into a remote endpoint. Currently, Akeyless supports provisioning certificates to a Linux or a Windows endpoints utilizing Targets.

Any stored certificate can be provisioned through the Gateway whereupon a successful provisioning, future renewals of the certificate will be provisioned automatically.

Provisioning a certificate using the Akeyless CLI

Run the following CLI command to provision a certificate:

akeyless assoc-target-item --name <Certificate name> \
--target-name <Target Name> \
--gateway-url 'https://<Your-Akeyless-GW-URL:8000>' \
--certificate-path <Where to save the certificate> 


  • name : The Certificate item name.
  • target-name The Target item name, to provision the certificate.
  • gateway-url: Akeyless Gateway Configuration Manager URL (port 8000).
  • certificate-path :A path on the Target to save the certificate PEM file can be used as well with chain-path and private-key-path flags to save those on different locations.

You can find the complete list of additional parameters for this command in the CLI Reference - Encryption Keys section.

Provisioning a certificate using the Akeyless Console

  1. Log in to the Akeyless Console, and go to Items, find the certificate you wish to provision.
  2. Click on the Certificate item , click on the Provisioning tab, and then Attach.
  3. Enter the Target Name, Select. the Gateway, and set the desired location where you want the certificate to be saved on the remote machine, once all the settings are configured, press Attach

You will see the details of your Provisioning.