CertCentral Services API: Domain locking API endpoints
DigiCert is happy to announce our domain locking feature is now available in the CertCentral Services API.
Note: Before you can use the domain locking endpoints, you must first enable domain locking for your CertCentral account. See Domain locking – Enable domain locking for your account.
New API endpoints
Updated API endpoints
We updated the response for the Domain info and List domains endpoints to include the following parameters with domain lock details:
domain_locking_status
(string)account_token
(string)To learn more, see:
Industry standards allow a Certificate Authority (CA) to issue an SSL/TLS certificate for a domain that only has CAA records containing no "issue"/"issuewild" property tags.
When a CA queries a domain's CAA RRs and finds records with no "issue" or "issuewild" property tags in them, a CA can interpret this as permission to issue the SSL/TLS certificate for that domain. See Ballot 219: Clarify handling of CAA Record Sets with no "issue"/"issuewild" property tag.
To learn more about the CAA RR check process, see our DNS CAA Resource Record Check page.