CertCentral Services API: Site seal enhancements
To help you manage your site seals in your API integrations, we’ve made the following updates to the CertCentral Services API:
Related topics:
CT Log monitoring
We are happy to announce that Secure Site Pro certificates now come with access to a CT Log monitoring service. CT Log monitoring allows you to monitor the public CT logs for SSL/TLS certificates issued for the domains on your Secure Site Pro certificate order, in real time.
CT Log monitoring is a cloud service so there is nothing to install or manage. After we've issued your Secure Site Pro certificate and turned CT Log monitoring on for the order, you can start using the service immediately to monitor the domains on the certificate order.
The CT Log monitoring benefit for Secure Site Pro certificates is retroactive. To access your CT Log monitoring for your issued and active Secure Site Pro certificate order, contact your account manager or our support team.
CT Log monitoring helps you:
The service pulls the discovered SSL/TLS certificates into your CertCentral account, where you can view details about the certificates to quickly identify any misissued certificates for your domains. You can also download copies of the non-DigiCert certificates right from your CertCentral account.
Email notifications
After you've enabled CT Log monitoring for a Secure Site Pro certificate order, you'll receive two types of email notifications: Daily CT log digest and if needed, Urgent notifications. Email notifications are sent to account admins and allow them to check the CT logs for their domains without signing in to their CertCentral account every day.
To learn more about what's included with each Secure Site Pro certificate, see Pro TLS/SSL Certificates. To learn more about enabling CT log monitoring for a Secure Site Pro certificate order. see Enable CT log monitoring.
In the DigiCert Services API, we added two new Order info endpoints. Now, you can use the order ID, the certificate's serial number, or the certificate's thumbprint to view the details for a certificate order.
Currently, these new endpoints only retrieve data for the primary certificate. For more information on the Services API, see our Developers portal.
PQC dockerized toolkit guide available now
Secure Site Pro Secure Site Pro certificates come with access to the DigiCert post-quantum cryptographic (PQC) toolkit. To create your own PQC test environment, use one of these options:
Our toolkits contain what you need to create a hybrid SSL/TLS certificate. The hybrid certificate in the toolkits uses a PQC algorithm paired with an ECC algorithm allowing you to test the feasibility of hosting a post-quantum, backwards compatible hybrid certificate on your website.
Note: To access your PQC toolkit, go to your Secure Site Pro Certificate's Order # details page. (In the sidebar menu, click Certificates > Orders. On the Orders page, click the order number link for your Secure Site Pro certificate. On the certificate's order details page, click PQC toolkit.)
To learn more about post-quantum cryptography, see Post-Quantum Cryptography. To learn more about what's included with each Secure Site Pro certificate, see Pro TLS/SSL Certificates.
DigiCert is happy to announce we made it easier for DigiCert Accounts using the Retail API to upgrade to our new Certificate Management Platform, DigiCert CertCentral—For free!
To make the upgrade as seamless as possible, we shimmed these Retail API endpoints:
Now, you can upgrade your DigiCert Account without any interruptions to your API integrations. Once you're upgraded, make plans to build new integrations with CertCentral.
For information about the DigiCert Retail API, see Documentation for the DigiCert Retail API.
Secure Site Pro certificates now come with access to the DigiCert post-quantum cryptographic (PQC) toolkit. Our toolkit contains what you need to create a hybrid SSL/TLS certificate. The hybrid certificate in the toolkit uses a PQC algorithm paired with an ECC algorithm allowing you to test the feasibility of hosting a post-quantum, backwards compatible hybrid certificate on your website.
Note: The PQC benefit for Secure Site Pro certificates is retroactive. To access your PQC toolkit, go to your Secure Site Pro Certificate's Order # details page. (In the sidebar menu, click Certificates > Orders. On the Orders page, click the order number link for your Secure Site Pro certificate. On the certificate's order details page, click PQC toolkit.)
To learn more about post-quantum cryptography and our PQC toolkit:
To learn more about what's included with each Secure Site Pro certificate, see Pro TLS/SSL Certificates.
Secure Site Pro TLS/SSL certificates are now included in all CertCentral accounts. For everything you need to know about these certificates, see DigiCert Secure Site Pro.
In your account, in the sidebar menu, hover over Request a Certificate. Under Business SSL Certificates, you’ll find the new Secure Site Pro certificates.
We've updated the CertCentral SAML Federation Settings, enabling you to keep your Federation Name from appearing in the list of IdPs on the SAML Single Sign-On IdP Selection and SAML certificate requests IdP Selection pages.
Now, on the Federation Settings page, under Your IDP's Metadata, we added the Include Federation Name option. If you want to keep your Federation Name from appearing in the list of IdPs on the IdP Selection page, uncheck Add my Federation Name to the list of IdPs.
Secure Site Pro TLS/SSL certificates are available in CertCentral. With Secure Site Pro, you're charged per domain; no base certificate cost. Add one domain, get charged for one. Need nine domains, get charged for nine. Secure up to 250 domains on one certificate.
We offer two types of Secure Site Pro certificates, one for OV certificates and one for EV certificates.
Benefits included with each Secure Site Pro certificate
Each Secure Site Pro certificate includes – at no extra cost – first access to future premium feature additions to CertCentral (e.g., CT log monitoring and validation management).
Other benefits include:
To activate Secure Site Pro certificates for your CertCentral account, contact your account manager or our support team.
To learn more about our Secure Site Pro certificates, see DigiCert Secure Site Pro.
Public SSL certificates can no longer secure domain names with underscores ("_"). All previously issued certificates with underscores in domain names must expire prior to this date.
Note: The preferred underscore solution is to rename the hostnames (FQDNs) that contain underscores and replace the certificates. However, for those situations where renaming is not possible, you can use private certificates and, in some cases, you can use a wildcard certificate that secures the entire domain.
For more details, see Retiring Underscores in Domain Names.