We fixed a bug in CertCentral where "hidden" organizations prevented certificate request forms from opening. To fix this issue, we no longer include hidden organizations in the list of available organizations on the certificate request forms.
What if I want to add a "hidden" organization to a certificate request?
To include a "hidden" organization in the list of available organizations on your certificate request forms, simply unhide it.
The next time you order a certificate, the organization will appear in the list of available organizations on the certificate request form.
Note: This change only affects the CertCentral user interface (UI). The API supports adding "hidden" organizations to your requests; you don’t need to unhide an organization to add it to a certificate request.
Legacy account upgrades to CertCentral
In the DigiCert Service API, we added a new endpoint—DigiCert order ID—to make it easier to find the corresponding DigiCert order IDs for your migrated legacy Symantec orders.
After you migrate your active, public SSL/TLS certificate orders to your new account, we assign a unique DigiCert order ID to each migrated legacy Symantec SSL/TLS certificate order.
For more information:
In the DigiCert Services API, we added four new endpoints for ordering the new more flexible Basic and Secure Site SSL/TLS certificates. These more flexible SSL/TLS certificates make it easier to get the certificate to fit your needs and will replace the old Basic and Secure Site products.
Use these endpoints to place new orders and renewal orders only. They cannot be used to convert existing Basic or Secure Site certificate orders.
To activate any of these new certificates for your CertCentral account, contact your account manager or our Support team.
Flexible OV and EV certificates
These certificates provide the encryption and authentication you've come to expect from DigiCert SSL/TLS certificates, while allowing you to build an OV or EV certificate with a mix of whatever domains and wildcard domains* are needed to fit your needs.
*Note: Industry standards support wildcard domains in OV SSL/TLS certificates only. EV SSL/TLS certificates don't support the use of wildcard domains.
We enhanced our SSL/TLS and client certificate product offerings, enabling you to set a custom validity period (in days) when ordering one of these certificates. Previously, you could only choose a custom expiration date.
Custom validity periods start on the day we issue the certificate. Certificate pricing is prorated to match the custom certificate length.
Note: Custom certificate lengths can't exceed the industry allowed maximum lifecycle period for the certificate. For example, you can't set a 900-day validity period for an SSL/TLS certificate.
We enhanced the SSL/TLS and Client certificate endpoints to include a new validity_days parameter that allows you to set the number of days that the certificate is valid for.
Parameter Priority Note: If you include more than one certificate validity parameter in your request, we prioritize the certificate validity parameters in this order: custom_expiration_date > validity_days > validity_years.
For DigiCert Services API documentation, see CertCentral API.
We enhanced the functionality of the Domain management – Get domain control emails API endpoint. You can now use the domain name to retrieve the Domain Control Validation (DCV) email addresses (WHOIS-based and constructed) for any domain.
Previously, you had to have the domain ID to retrieve the DCV email addresses. However, for a domain to have an ID, you had to submit it for pre-validation.
Now, you can use either the domain name or the domain ID with the Domain management – Get domain control emails endpoint to retrieve the DCV email addresses (WHOIS-based and constructed) for a domain. See the Get domain emails endpoint.
We added a new Order Management - Revoke Certificate API endpoint that allows you to use the order ID to revoke all certificates associated with a single order, making it easier to use the API to revoke an issued certificate. This assures that any duplicates or reissues associated with the order are revoked all at once.
Note: After you submit the certificate revocation request, an administrator will need to approve the request before DigiCert can revoke the certificates associated with the order. See the Update Request Status API endpoint.