Sectigo launched its Model Context Protocol (MCP) server for Certificate Manager on June 2, 2026, marking general availability worldwide. This release lets enterprise IT teams delegate TLS certificate lifecycle tasks—issuance, renewal, revocation—to governed AI agents. The server bridges popular AI assistants and Sectigo's certificate management platform, giving administrators a secure, auditable way to automate digital identity workflows.
MCP, first proposed by Anthropic in late 2024, is an open protocol that standardizes how AI models interact with external tools and data sources. A growing ecosystem of MCP servers exposes enterprise systems to language models through well-defined functions. Sectigo’s implementation is among the first to address certificate management, a critical pain point for organizations juggling thousands of domain, organization, and extended validation certificates.
Administrators can now ask an AI agent to “provision a new multi-domain SSL certificate for our e-commerce site, valid for one year, with automatic renewal 30 days before expiry,” and the agent will execute the necessary steps—subject to role-based policies—without human intervention. That shift promises to reduce manual errors that cause outages and compliance failures.
How the Sectigo MCP Server Works
At its core, the MCP server exposes a set of pre-defined tools, or “commands,” that an AI client can invoke: issue_certificate, renew_certificate, revoke_certificate, list_certificates, and audit_log. Each function maps to an API endpoint in Sectigo Certificate Manager. When Claude Desktop, a custom AI application, or any MCP-compatible client requests a certificate operation, the server validates the request against the organization’s governance rules before forwarding it to the platform.
Governance is the differentiator. Enterprises configure policies in Certificate Manager that limit which domains, organization units, and key types an AI agent may touch. For example, a policy can restrict production wildcard certificates to manual approval, while staging environment certificates can be fully automated. The MCP server enforces these constraints, ensuring an AI agent never exceeds its authority. All actions are logged with the agent’s identity, timestamp, and the policy decision, providing a full audit trail.
The server runs as a lightweight Node.js process inside the customer’s network or cloud environment. It authenticates using Sectigo’s API credentials and communicates with the AI client via the MCP JSON-RPC transport over local stdio or HTTP. This architecture keeps certificate private keys out of the AI client’s reach—the server never handles key material. Instead, Certificate Manager’s existing secure key generation and storage mechanisms remain unchanged.
AI-Driven TLS Lifecycle Automation
TLS certificate management has long been a fragile manual process. Letting certificates expire causes service disruptions; renewing them incorrectly triggers browser warnings. Large enterprises manage tens of thousands of certificates across diverse devices, often using spreadsheets and calendar reminders. The Sectigo MCP server replaces that toil with conversational intent.
An AI assistant powered by the server can:
- Discover all certificates approaching expiry and present a prioritized list of actions.
- Renew certificates in bulk, respecting staggered renewal windows.
- Provision new certificates for new domains or applications as part of a DevOps pipeline, triggered by a chat command.
- Revoke compromised certificates instantly, across all endpoints, using the agent’s security context.
Because the AI model understands natural language, it can interpret nuanced instructions. “Make sure the new cert covers both the apex domain and the 'shop' subdomain” is translated into a precise issue_certificate call with the correct Subject Alternative Names. The agent also reports back in plain language, confirming the action and presenting the certificate’s fingerprint and validity period.
Integration with Popular AI Platforms
The Sectigo MCP server works with any MCP-compatible client, but initial testing and documentation target Anthropic’s Claude 3.5 Sonnet and later models. IT teams can install the server on a jump host, configure Claude Desktop to connect over local stdio, and begin issuing certificate commands within minutes. For enterprise AI platforms that support MCP over HTTP, such as custom implementations built with LangChain or LlamaIndex, the server exposes an HTTP endpoint with token-based authentication.
Sectigo has also published a ready-to-use configuration file for Cursor, the AI code editor, allowing developers to interact with Certificate Manager directly from their IDE. A developer working on a Kubernetes deployment can ask the AI assistant to “generate a TLS secret for the new staging cluster,” and the assistant will call the Sectigo MCP server, obtain the certificate, and inject it into the deployment manifest—all without leaving the editor.
Enterprise Governance and Compliance
Unfettered AI access to certificate management raises legitimate security concerns. A misconfigured agent could issue costly certificates, revoke production assets, or expose sensitive metadata. Sectigo’s governance layer eliminates that risk through a multi-tier policy engine.
Administrators define “AI identities” in Certificate Manager, each bound to a specific MCP server instance. Each identity carries a set of permissions: allowed domains, certificate types, maximum validity periods, and required approvals. When an AI agent sends a request, the server checks the identity’s permissions against the operation. If the operation triggers an approval step—such as a three-eyes check for a wildcard certificate—the server pauses the workflow and notifies the designated approver via email or Slack. The request remains pending until a human grants it.
All interactions leave an immutable audit trail. The server logs every command, the policy decision, the certificate details, and the final outcome to the enterprise’s SIEM or log analytics platform. This aligns with frameworks like SOC 2, ISO 27001, and NIST SP 800-53, which require meticulous monitoring of automated changes to cryptographic assets. Compliance officers can query the logs to demonstrate that AI-assisted certificate management follows documented procedures.
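The policy check and audit record described in this section and under "How the Sectigo MCP Server Works", sketched as an added example; this is not Sectigo's code. The policy fields (zones, maxValidityDays, wildcardNeedsApproval), the tool argument names (sans, validityDays) and the identity names are assumptions made for illustration.

```javascript
// Added example: hypothetical policy gate, not Sectigo's implementation.
// Policy fields and tool argument names (sans, validityDays) are assumptions.
const POLICY = {
  "agent-staging": { zones: ["staging.example.com"], maxValidityDays: 90,
                     wildcardNeedsApproval: false },
  "agent-prod":    { zones: ["example.com"], maxValidityDays: 365,
                     wildcardNeedsApproval: true },
};

// Match on a DNS label boundary so "evilexample.com" never matches "example.com".
function inZone(name, zone) {
  const n = name.toLowerCase().replace(/\.$/, "").replace(/^\*\./, "");
  if (n.includes("*")) return false; // only a single leading "*." is accepted
  return n === zone || n.endsWith("." + zone);
}

// Returns { decision: "allow" | "deny" | "pending_approval", reason }; fails closed.
function evaluate(identity, rpc) {
  const deny = (reason) => ({ decision: "deny", reason });
  const policy = Object.hasOwn(POLICY, identity) ? POLICY[identity] : null;
  if (!policy) return deny("unknown identity");
  if (rpc?.method !== "tools/call" || rpc.params?.name !== "issue_certificate")
    return deny("tool not permitted");
  const args = rpc.params.arguments ?? {};
  const sans = Array.isArray(args.sans) ? args.sans : [];
  if (sans.length === 0) return deny("no SANs supplied");
  const i = sans.findIndex(
    (s) => typeof s !== "string" || !policy.zones.some((z) => inZone(s, z)));
  if (i !== -1) return deny(`SAN out of scope: ${sans[i]}`);
  const days = args.validityDays;
  if (!Number.isInteger(days) || days < 1 || days > policy.maxValidityDays)
    return deny("validity outside policy");
  if (policy.wildcardNeedsApproval && sans.some((s) => s.startsWith("*.")))
    return { decision: "pending_approval", reason: "wildcard requires human approval" };
  return { decision: "allow", reason: "within policy" };
}

// Every request yields one audit record, whatever the decision.
function gate(identity, rpc, now = new Date()) {
  const { decision, reason } = evaluate(identity, rpc);
  return { timestamp: now.toISOString(), identity, decision, reason,
           tool: rpc?.params?.name ?? null, sans: rpc?.params?.arguments?.sans ?? null };
}

// Constructed sample request, shaped as an MCP JSON-RPC "tools/call" message.
const call = (sans, validityDays) => ({ jsonrpc: "2.0", id: 1, method: "tools/call",
  params: { name: "issue_certificate", arguments: { sans, validityDays } } });

console.log(JSON.stringify(gate("agent-prod", call(["example.com", "shop.example.com"], 365))));
```
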
Impact on Windows-Centric Environments
Although Sectigo’s announcement embraces the open MCP standard, it carries particular weight for Windows shops. Microsoft’s own AI offerings—Copilot, Azure AI, and the forthcoming Windows AI platform—are increasingly MCP-aware. The forthcoming Windows 11 24H2 update, expected later in 2026, includes native MCP client support, according to Microsoft’s roadmap. Enterprises that standardize on Windows and Sectigo Certificate Manager will soon be able to tell Copilot, “Renew the EV certificate for our intranet portal,” and see it done in seconds.
Windows Server administrators managing Active Directory Certificate Services (AD CS) alongside Sectigo’s public CA will also benefit. The MCP server can orchestrate cross-platform workflows: for example, requesting a public Sectigo certificate for a load balancer and then pushing the issued certificate to the Windows certificate store via a separate tool. An AI agent, guided by a single prompt, could handle the entire chain, drastically simplifying hybrid PKI operations.
Availability and Licensing
Sectigo MCP for Certificate Manager is available immediately as an open-source Node.js package under the Apache 2.0 license, hosted on npm and GitHub. The server requires a Sectigo Certificate Manager enterprise account with API access. While the server itself is free, all certificate transactions are billed according to the customer’s existing Certificate Manager plan. Sectigo has not announced a separate license for the MCP component, reinforcing its strategy of driving usage through its core certificate lifecycle management platform.
Enterprises can download the package from the npm registry:
npm install -g @sectigo/mcp-certificate-manager
Configuration is straightforward: a JSON file specifying the API endpoint, authentication token, and policy bindings. A Dockerfile is included for teams that prefer containerized deployment. Sectigo’s documentation walks through integration with Claude Desktop, Cursor, and generic HTTP clients. Community contributions for other AI platforms are encouraged.
Developer and Community Reception
Early feedback from the developer community has been overwhelmingly positive. In the days following the GA announcement, GitHub stars on the repository surged past 2,000, and a growing number of enterprise architects shared their integration stories on LinkedIn. Several open-source maintainers have already submitted MCP server extensions for related PKI tools, signaling a nascent ecosystem around AI-driven certificate management.
In the Hacker News discussion, participants praised Sectigo’s governance model as a “blueprint for safe AI in critical infrastructure.” Others noted that the server’s simplicity lowers the barrier for smaller organizations that cannot afford dedicated PKI staff. One contributor from a Fortune 500 company reported that initial tests reduced certificate renewal tickets by over 80% within the first week.
The most requested feature in community forums is support for ACME protocol integration, which would allow the MCP server to interact with Let’s Encrypt or internal ACME CAs. Sectigo’s product managers have acknowledged the request and hinted at a future update, though no timeline has been committed.
The Road Ahead: Expanding the MCP Ecosystem
Sectigo’s move validates MCP as a viable standard for connecting AI to real-world infrastructure. Other certificate authorities are likely to follow, either by building their own MCP servers or by adopting a common framework. Already, the Cloud Security Alliance has formed a working group to define best practices for AI agents managing cryptographic materials, with Sectigo as a founding member.
For enterprise IT leaders, the announcement represents a practical step toward agentic automation without sacrificing control. As AI assistants become ubiquitous in the workplace, the ability to grant them tightly scoped, auditable access to sensitive operations will separate leaders from laggards. The Sectigo MCP server demonstrates how an open protocol, combined with rigorous governance, can turn a known headache—TLS certificate management—into a background function handled by an always-on AI agent.
Windows-focused organizations that have been cautious about AI in operations now have a concrete, governed path to experiment. By starting with a well-defined domain like certificate lifecycle, they can build confidence in AI agents while realizing immediate efficiency gains. The next 18 months will likely see MCP servers proliferate across identity, networking, and device management—all areas where Windows and Microsoft 365 dominate. For now, the Sectigo MCP server offers a compelling glimpse of the AI-powered enterprise.