BlogSupportDocumentation
TigerTrust
Getting Started

Installation Guide

Step-by-step instructions to install the TigerTrust agent.

Agent Installation

The TigerTrust agent is a lightweight Go binary that runs on your infrastructure to discover and manage certificates.

Prerequisites

  • Operating System: Linux (amd64/arm64), macOS (amd64/arm64), or Windows (amd64)
  • Network: Outbound HTTPS access to your TigerTrust collector endpoint
  • Permissions: Read access to certificate directories, write access for deployment

Quick Install (Linux/macOS)

# Download the latest agent
curl -LO https://releases.tigertrust.io/agent/latest/tigertrust-agent-linux-amd64

# Make executable
chmod +x tigertrust-agent-linux-amd64

# Move to system path
sudo mv tigertrust-agent-linux-amd64 /usr/local/bin/tigertrust-agent

# Verify installation
tigertrust-agent --version

Windows Installation

  1. Download the Windows agent from releases.tigertrust.io
  2. Extract to C:\Program Files\TigerTrust\agent.exe
  3. Open PowerShell as Administrator and run:
# Verify installation
& "C:\Program Files\TigerTrust\agent.exe" --version

Configuration

Create the configuration file at /etc/tigertrust/agent.yaml:

agent:
  id: ""  # Auto-generated if empty
  capabilities:
    - fs-scan
    - cert-renewal
    - csr-generation
    - cert-deploy

collector:
  base_url: "https://collector.tigertrust.io"
  api_key: "ak_your_api_key_here"
  poll_interval: 30
  timeout: 10

discovery:
  local:
    enabled: true
    scan_paths:
      - /etc/ssl
      - /etc/pki/tls/certs
      - /opt/app/certs
    include_patterns:
      - "*.pem"
      - "*.crt"
      - "*.cer"
    max_file_size: 10485760

logging:
  level: info
  format: json

Running as a Service (systemd)

Create /etc/systemd/system/tigertrust-agent.service:

[Unit]
Description=TigerTrust Agent
After=network.target

[Service]
Type=simple
User=tigertrust
ExecStart=/usr/local/bin/tigertrust-agent -config=/etc/tigertrust/agent.yaml
Restart=always
RestartSec=10

[Install]
WantedBy=multi-user.target

Enable and start the service:

sudo systemctl daemon-reload
sudo systemctl enable tigertrust-agent
sudo systemctl start tigertrust-agent
sudo systemctl status tigertrust-agent

Docker Installation

docker run -d \
  --name tigertrust-agent \
  -v /etc/tigertrust:/etc/tigertrust \
  -v /etc/ssl:/etc/ssl:ro \
  -v /etc/pki:/etc/pki:ro \
  tigertrust/agent:latest

Verify Installation

# Check agent info
tigertrust-agent --info

# Test collector connection
tigertrust-agent --test-connection

The agent will automatically:

  1. Register with the collector
  2. Run initial certificate discovery
  3. Submit discovered certificates to TigerTrust
  4. Begin polling for tasks

Continue to the Quick Start Guide for your first certificate renewal.