We improved our ACME protocol, adding support for the Signed HTTP Exchange certificate profile option. Now, you can use your ACME client to order OV and EV SSL/TLS certificate with the CanSignHttpExchanges extension included.

First create the ACME Directory URL for your Signed HTTP Exchanges certificate. Then use your ACME client to issue and install the certificate with the CanSignHttpExchanges extension.

See ACME Directory URLs for Signed HTTP Exchange certificates and ACME user guide.

Background

The Signed HTTP Exchange certificate profile option is used to address the AMP URL display issue where your brand isn’t displayed in the address bar. See Display better AMP URLs with Signed Exchanges and Get your Signed HTTP Exchanges certificate.

This profile option allows you to include the CanSignHTTPExchanges extension in OV and EV SSL/TLS certificates. Once enabled for your account, the Include the CanSignHttpExchanges extension in the certificate option appears on your Add ACME Directory URL forms.

To enable this certificate profile for your account, please contact your account manager or contact our Support team.

We updated the information icons in the list of ACME Directory URLs on the Account Access page to help you quickly identify certificates that include a certificate profile option (for example, Signed HTTP Exchanges).

In the sidebar menu, click Account > Account Access. On the Account Access page, in the ACME Directory URLs section, click an information icon to see details about the certificate that can be ordered via the ACME Directory URL.

In the DigiCert Services API, we improved the List keys endpoint response parameters, enabling you to see ACME Directory URLs. Now, when you call the List keys endpoint, we return ACME URL (acme_urls) as well as API key (api_keys) information in the response.

In the DigiCert Services API, we improved the Get key info endpoint, enabling you to get details about ACME Directory URLs.

Include the ACME Directory URL ID in the call to the Get key info endpoint (/key/{{key_id}} where key_id is the ACME Directory URL ID) to get information about an ACME Directory URL.