Filtering by: EV SSL certificates x clear
new

We've added a new certificate profile option, OCSP Must-Staple, that allows you to include the OCSP Must-Staple extension in OV and EV SSL/TLS certificates. Once enabled for your account, the Include the OCSP Must-Staple extension in the certificate option appears on your SSL/TLS certificate request forms under Additional Certificate Options.

Note: Browsers with support for OCSP must-staple may display a blocking interstitial to users accessing your site. Ensure that your site is configured to properly and robustly serve stapled OCSP Responses before installing the certificate.

To enable a certificate profile for your account, reach out to your account representative or contact our Support team.

Other available certificate profile options

If enabled for your account, these profile options appear on your SSL/TLS certificate request forms under Additional Certificate Options.

  • Intel vPro EKU
    Allows you to include the Intel vPro EKU field in OV SSL/TLS certificates.
  • KDC/SmartCardLogon EKU
    Allows you to include the KDC/SmartCardLogon EKU (Extended Key Usage) field in OV SSL/TLS certificates.
  • HTTP Signed Exchange
    Allows you to include the CanSignHTTPExchanges extension in OV and EV SSL/TLS certificate (see Improve your AMP URLs with Signed HTTP Exchange).
  • Delegated Credentials
    Allows you to include the DelegationUsage extension in OV and EV SSL/TLS certificates.
new

We've added a new certificate profile option, Delegated Credentials, that allows you to include the DelegationUsage extension in OV and EV SSL/TLS certificates. Once enabled for your account, the Include the DelegationUsage extension in the certificate option appears on your SSL/TLS certificate request forms under Additional Certificate Options.

To enable a certificate profile for your account, reach out to your account representative or contact our Support team.

Background

The Delegated Credentials for TLS extension is under active development within the Internet Engineering Task Force (IETF). In order to support interoperability testing, we’ve added the ability to issue certificates compliant with the current draft specification. Note that there may be multiple changes to the draft as industry development continues.

Other available certificate profile options

If enabled for your account, these profile options appear on your SSL/TLS certificate request forms under Additional Certificate Options.

  • Intel vPro EKU
    Allows you to include the Intel vPro EKU field in an OV SSL/TLS certificate.
  • KDC/SmartCardLogon EKU
    Allows you to include the KDC/SmartCardLogon EKU (Extended Key Usage) field in an OV SSL/TLS certificate.
  • HTTP Signed Exchange
    Allows you to include the CanSignHTTPExchanges extension in an OV and EV SSL/TLS certificate (see Improve your AMP URLs with Signed HTTP Exchange).
  • OCSP Must-Staple
    Allows you to include the OCSP Must-Staple extension in OV and EV SSL/TLS certificates.
enhancement

We enhanced the DigiCert Services API request endpoints enabling you to get faster responses to your certificate requests.

enhancement

We made it easier to Add Contacts for OV certificate orders (Standard SSL, Secure Site SSL, etc.). Now when you order an OV certificate, we populate the Organization Contact card for you. If needed, you can add a technical contact.

  • When adding a CSR that includes an existing organization in your account, we populate the Organization Contact card with the contact assigned to that organization.
  • When you manually add an existing organization, we populate the Organization Contact card with the contact assigned to that organization.
  • When you add a new organization, we populate the Organization Contact card with your contact information.

To use a different organization contact, delete the one populated automatically and manually add one.

enhancement

We made it easier to Add Contacts for EV certificate orders (EV SSL, Secure Site EV SSL, etc.). Now when you order an EV certificate, we will populate the Verified Contact cards for you if EV verified contact information is available in your account. If needed, you can add organization and technical contacts.

  • When adding a CSR that includes an existing organization in your account, we populate the Verified Contact card with the EV verified contacts assigned to that organization.
  • When you manually add an existing organization, we populate the Verified Contact card with the EV verified contacts assigned to that organization.

Assigning Verified Contacts to an organization is not a prerequisite for adding an organization. There may be instances were verified contact information won't be available for an organization. In this case, manually add the Verified Contacts.

new

We added a new Add contact feature to the OV SSL/TLS certificate request forms allowing you to add a single technical contact and a single organization contact during the request process.

Previously, you were unable to add contacts when ordering OV SSL/TLS certificates (such as Secure Site SSL and Multi-Domain SSL certificates).

Note: A technical contact is someone we can contact should problems arise while processing your order. An organization contact is someone we can contact when completing the organization validation for your certificate.

enhancement

We enhanced the Add contact feature on the EV SSL/TLS certificate request forms allowing you to add a single technical contact and a single organization contact during the request process.

Previously, you could only add Verified Contacts (for EV) when ordering EV SSL/TLS certificates (such as Secure Site EV and EV Multi-Domain SSL).

Note: A technical contact is someone we can contact should problems arise while processing your order. An organization contact is someone we can contact when completing the organization validation for your certificate.