Filtering by: certcentral x clear

April 2, 2019

new

We are happy to announce the new DigiCert Documentation Portal. The new site has a modern look and feel and contains streamlined, task-based help documentation, product news, the change log, and API developer documentation.

We are also happy to announce the new DigiCert Developers Portal is out of beta. The developer site has a modern look and feel and contains information about the available endpoints, uses cases, and workflows.

Tips and tricks

  • You can access the documentation portal at www.digicert.com in the top menu under Support (click Support > Documentation).
  • In our documentation, hover on a subheader and click the hashtag icon. This creates a URL in the browser's address bar so you can bookmark or link to specific sections in the instructions.

Coming soon

Get started will contain information to help you get acquainted with the features in your account.

January 7, 2019

enhancement

We improved the look and feel of our DigiCert account sign in page (www.digicert.com/account/), bringing it up to date with the design of our certificate management platform, CertCentral.

See Redesigned DigiCert Account Sign In Page.

new

RapidSSL and GeoTrust DV certificates are available in CertCentral:

  • RapidSSL Standard DV
  • RapidSSL Wildcard DV
  • GeoTrust Standard DV
  • GeoTrust Wildcard DV

Documentation

enhancement

We enhanced the functionality of the Domain management – Get domain control emails API endpoint. You can now use the domain name to retrieve the Domain Control Validation (DCV) email addresses (WHOIS-based and constructed) for any domain.

Previously, you had to have the domain ID to retrieve the DCV email addresses. However, for a domain to have an ID, you had to submit it for pre-validation.

Now, you can use either the domain name or the domain ID with the Domain management – Get domain control emails endpoint to retrieve the DCV email addresses (WHOIS-based and constructed) for a domain. See the Get domain emails endpoint.

October 17, 2018

new

We added a new Order Management - Revoke Certificate API endpoint that allows you to use the order ID to revoke all certificates associated with a single order, making it easier to use the API to revoke an issued certificate. This assures that any duplicates or reissues associated with the order are revoked all at once.

Note: After you submit the certificate revocation request, an administrator will need to approve the request before DigiCert can revoke the certificates associated with the order. See the Update Request Status API endpoint.

For more information about the new endpoint and other publicly available endpoints, see the Revoke Certificate API endpoint in our CertCentral API documention.

new

Secure Site TLS/SSL certificates are available in CertCentral:

  • Secure Site SSL
  • Secure Site EV SSL
  • Secure Site Multi-Domain SSL
  • Secure Site EV Multi-Domain SSL
  • Secure Site Wildcard SSL

To activate Secure Site certificates for your CertCentral account, contact your Sales representative.

Benefits included with each Secure Site certificate:

  • Priority validation
  • Priority support
  • Two premium site seals
  • Industry-leading warranties

To learn more about our Secure Site certificates, see DigiCert Secure Site Overview.
Additional Resources:

fix

Updates to the full SHA256 EV hierarchy certificate profile

On September 27, 2018, we removed the Symantec policy OID from EV TLS certificates issued from the full SHA256 EV hierarchy [DigiCert Global G2 Root => DigiCert Global G2 Intermediate => EV TLS/SSL certificate].

Problem: Chrome bug on macOS

July 2018, we discovered a bug in Chrome on macOS where it wasn't showing the EV indicator for EV TLS certificate with more than two policy OIDs – https://bugs.chromium.org/p/chromium/issues/detail?id=867944.

Solution

We removed the Symantec policy OID from the full SHA256 EV hierarchy certificate profile. With this change, Chrome on macOS again showed the EV indicator for the EV TLS certificates issued from the full SHA256 EV hierarchy.

Affected EV TLS certificates

EV TLS certificates (from the full SHA256 EV hierarchy) issued after January 31, 2018 and prior to September 27, 2018 contain these three policy OIDs in the Certificate Extension - Certificate Policies:

  • 2.16.840.1.114412.2.1 (DigiCert OID)
  • 2.16.840.1.113733.1.7.23.6 (Symantec OID)
  • 2.23.140.1.1 (CAB/F OID)

What do I need to do?

  • Do you have an EV TLS certificate that is not showing the EV indicator in Chrome on macOS?
    Please replace (reissue) your EV TLS certificate to show the EV indicator in Chrome on macOS.
    Full SHA256 EV TLS certificates issued as of September 27, 2018 contain only two policy OIDs in the Certificate Extension - Certificate Policies:
    • 2.16.840.1.114412.2.1 (DigiCert OID)
    • 2.23.140.1.1 (CAB/F OID)
  • What about other types of certificates?
    For all other types of certificates, no action is required.

September 17, 2018

fix

We fixed an Order details page bug where information not relevant to a certificate order was being displayed on the page.

Now, when you visit your TLS/SSL, Code Signing, EV Code Signing, Client, and Document Signing certificate Order details pages, only information relevant to that order will be displayed.

September 13, 2018

enhancement

We enhanced the Add Organization step of the TLS/SSL certificate ordering process.

Previously, you were required to add a new organization before requesting your certificate (Certificates > Organizations). Additionally, the new organization was not available on the Certificate Request page until we completed its organization validation.

With this improvement, you can add a new organization as part of the request process. Note that because the organization is not pre-validated, DigiCert will need to validate the new organization before we can issue your certificate.

Note: When adding a new organization from a Certificate Request page, the requestor (person ordering the certificate) becomes the contact for the new organization.

When ordering a TLS/SSL certificate, you can still choose to use an existing, pre-validated organization.

Editing a Request

Before a TLS/SSL certificate request is approved, you can Edit the request and add a new organization. The person who adds the new organization becomes the contact for the new organization.

new

We added a new Add Contacts feature to the EV TLS/SSL certificate request process that lets you assign an existing CertCentral user (admin, manager, finance manager, or user) as the verified EV contact for the organization as part of the request process.

Previously, you were required to assign a verified EV contact to an organization before requesting your certificate (Certificates > Organizations).

Allow non-CertCentral account users to be used as verified contacts enabled

On the Division Preferences page (Settings > Preferences), in the Advance Settings section, under Verified Contacts, you can allow non-CertCentral account users to be used as verified contacts (check Allow non-DigiCert users to be used as verified contacts).
With the non-CertCentral user feature enabled, when adding verified contacts as part of the EV certificate request process, you will see two options: Existing Contact and New Contact. The Existing Contact option lets you assign a CertCenrtal user as the verified EV contact. The New Contact option lets you enter information for a non-CertCentral account user.

September 11, 2018

enhancement

We added a Skip Approval Step feature that lets you remove the approval step from your SSL, Code Signing, and Document Signing certificate order processes.

Note: Admin approvals are still required for certificate revocations, Guest URL certificate requests, and Finance Manager, Standard User, and Limited User certificate requests.

You can activate this feature on the Division Preferences page (Settings > Preferences). In the Certificate Request section (expand Advanced Settings), under Approval Steps, select Skip approval step: remove the approval step from your certificate order processes and then click Save Settings.

Note: These orders don't require an approval, so they won't be listed on the Requests page (Certificates > Requests). Instead, these orders will only appear on the Orders page (Certificate > Orders).

September 6, 2018

new

We added a new Get Order Status Changes endpoint that allows those using the DigiCert Services API to check on the status of all certificate orders within a specified time range up to a week.

For more information about this new endpoint, see Order Management – Get Order Status Changes in our Documentation for the DigiCert Services API.

fix

We fixed a CT log messaging bug where we indicated that Private or other non-public SSL/TLS certificates were logged to CT logs when in fact they hadn’t been.

Note: DigiCert doesn't log Private SSL/TLS and non-SSL/TLS certificates to CT logs. The industry only uses the CT logs for public SSL/TLS certificates.

Now when you review the certificate details for your Private SSL/TLS or non-SSL/TLS certificates (for example, Client certificates), you won’t see any CT logging information.

fix

We fixed a search feature bug on the Orders page (Certificates > Orders) where you were unable to use the common name to search for a client certificate.

Now, when you use a common name to Search for a specific client certificate, your results will be returned when a match exists.

September 5, 2018

fix

We fixed a Certificate Service Agreement UI bug where certain characters and symbols were being displayed with improper encoding.

Now when you read through the Certificate Service Agreement, each character and symbol will have the proper coding.

August 31, 2018

fix

We fixed a Limited User role bug. When an administrator assigned a Limited User to a certificate order, the limited user didn't receive the necessary permissions to renew, reissue, or revoke the certificate.

Now, when a Limited User is assigned to a certificate order, they can renew, reissue, or revoke the certificate.

August 29, 2018

fix

We fixed a Search feature bug and a Division filter bug on the Requests page (Certificates > Requests).

Now, when you use a Request ID, Order ID, common name, etc. to Search for a specific request, your results will be returned when a match exists. Also, the Division filter will return the requests for the selected division.

fix

We fixed a Pending Cert Request widget bug on the CertCentral Dashboard.

Now, the number of pending certificate requests (new and revoke requests) in the Pending Cert Requestwidget will match the number of pending certificate requests on the Requests page (Certificates > Requests).

August 28, 2018

new

New Change CSR feature added. This feature allows you to change the CSR on pending certificate orders (after they've been approved and before they've been issued).

On the Orders page (Certificates > Orders), locate the pending certificate order and click its Order number link. On the Order details page, in the Validation in Progress section under You Need To, click the Change CSR link to change the CSR.

Note: For certificate request awaiting approval, you can change the CSR before it's been approved. On the Requests page (Certificates > Requests), locate the pending certificate request and click its Order number link. In the Request details pane on the right, click the Edit link to change the CSR.

CertCentral API: New Change CSR Endpoint

We've also added a Change CSR endpoint that allows those using the DigiCert Services API to change the CSR on a pending SSL/TLS certificate. For more information about this new endpoint, see Order Management – Add CSR in our Documentation for the DigiCert Services API.

new

Beta roll out of language support in CertCentral.

Language support allows you to change and save your CertCentral platform language preference.

CertCentral Platform Languages:

  • Deutsch
  • Español
  • Français
  • Italiano
  • 日本語
  • 한국어
  • Português
  • Русский
  • 简体中文
  • 繁體中文
  • English

Want to try out the language support coming to CertCentral?

In your account, in the top right corner, in the "your name" drop-down list, select My Profile. On the Profile Settings page, in the Language drop-down list, select one of the languages and then click Save Changes.

See CertCentral: Change and Save Your Language Preference.

July 23, 2018

new

New Cancel Order feature added. This feature enables you to cancel pending certificate orders (after they have been approved and before they have been issued).

On the Orders page (in the sidebar menu, click Certificate > Orders), locate the pending certificate order. Then on the Order details page, in the Certificate Actions section, you can cancel it.

Note: For certificate requests awaiting approval, an approver must reject the request. For certificates that have been issued, an administrator must revoke the certificate.

July 6, 2018

new

New advanced search filter added to the Orders page (in the sidebar menu, click Certificate > Orders and then on the Orders page, click the Show Advanced Search link).

This feature enables you to search for client certificates by the recipient’s email address.

May 16, 2018

fix

Fixed Single Sign-on bug. When an SSO only user request a CertCentral password reset, they will no longer receive the password reset email.

Now, they will receive an email that directs them to log in using SSO and asks them to contact their CertCentral account manager if a different type of account access is required.

April 16, 2018

new

New feature added to pending orders' details page (click Certificates > Orders and then click a pending order's number link). This feature enables you to complete the domain control validation (DCV) for domains on pending orders.

When you see an order is waiting on domain validation to be completed before it can be issued, click on the pending domain link to open the Prove Control Over Domain popup window. In this window, you can select or change your DCV method and complete that domain's validation (send or resend emails, check DNS TXT record, etc.). See Domain Validation (Pending Order): Domain Control Validation (DCV) Methods.

March 15, 2018

enhancement

Enhancements to Order # pages (click Certificates > Orders and then click an Order # link) and Order # detail panes (click Certificates > Orders and then click Quick View link).

When viewing an order's validation status, you can now see the validation status of each SAN on an order: pending or complete.

enhancement

Enhancements to the SSL certificate request (Request a Certificate > SSL Certificates) and SSL certificate renewal pages. We've simplified the look and feel of the request and renewal pages, placing specific information in expandable sections. This enables the end user to focus on the most important parts of the order and renewal processes.

We've grouped the following certificate and order options under the section headings below.

  • Additional Certificate Options
    • Signature Hash
    • Server Platform
    • Auto-Renew
  • Additional Order Options
    • Comments to Administrator
    • Order Specific Renewal Message
    • Additional Emails
    • Additional Users Who Can Manage the Order

March 13, 2018

enhancement

Enhancements to Order # pages (click Certificates > Orders and then click an Order # link) and Order # detail panes (click Certificates > Orders and then click Quick View link).

You can now see an order's validation statuses: pending or completed. You can also see if the order is waiting on domain or organization validation to be completed before it can be issued.

compliance

This is for informational purposes only, no action is required.

As of February 1, 2018, DigiCert publishes all newly issued public SSL/TLS certificates to public CT logs. This does not affect any OV certificates issued before February 1, 2018. Note that CT logging has been required for EV certificates since 2015. See DigiCert Certificates Will Be Publicly Logged Starting Feb. 1.

enhancement

New "exclude from CT log when ordering a certificate" feature added to CertCentral. When you activate this feature (Settings > Preferences), you allow account users to keep public SSL/TLS certificates from being logged to public CT logs on a per certificate order basis.

While ordering an SSL certificate, users have an option not to log the SSL/TLS certificate to public CT logs. The feature is available when a user orders a new certificate, reissues a certificate, and renews a certificate. See CertCentral Public SSL/TLS Certificate CT Logging Guide.

enhancement

New optional CT logging opt out field (disable_ct) added to the SSL certificate request API endpoints. Also, a new CT Log issued certificate opt out endpoint (ct-status) added. See CertCentral API Public SSL /TLS Certificate Transparency Opt Out Guide.

November 3, 2017

enhancement

Enhancements to the Overview page (click Dashboard). Added the ability to request a certificate from the Dashboard; note the new Request a Certificate button at the top of the page.

enhancement

Enhancements to the Request a Certificate drop-down list on the Orders page (click Certificates > Orders) and the Requests page (click Certificates > Requests). Added certificate type headers (e.g., CODE SIGNING CERTIFICATES) to the list to make finding certificates by type easier.

enhancement

Enhancements to the Expiring Certificates page (click Certificates > Expiring Certificates). Added a Quick View link allowing you to see details about each expiring certificate without leaving the page.

October 26, 2017

enhancement

Enhancements to the Orders page (click Certificates > Orders) and Requests page (click Certificates > Requests). Added the ability to request a certificate from these pages; note the new Request a Certificatebutton at the top of the pages.

October 18, 2017

enhancement

Enhancements to the Orders page (click Certificates > Orders); improved page performance.

October 16, 2017

enhancement

Enhancements to the Order details page (viewed when clicking an order # on the Certificates > Orders page); improved page performance.

October 10, 2017

enhancement

Enhancements to the order details pane on the Requests page (viewed when clicking an order #); improved page performance.

October 2, 2017

enhancement

Enhancements to user list queries; improved user search along with page performances (e.g., Orders page).

enhancement

Enhancements to Request a Certificate pages; improved organization and domain searches along with page performance.

September 26, 2017

new

New feature included in the "help" (?) menu drop-down; added a link to the new Change Log page.

fix

Fixed API bug for the Order Details endpoint. Response body now returns the two renewal fields for client certificates:

"is_renewal": false
"renewed_order_id": 1234567

More details »

September 25, 2017

enhancement

Enhancements to client certificates; added support for multiple organizational units (OUs).

enhancement

Enhancements to client certificates; added support for multiple organizational units (OUs).

September 21, 2017

fix

Fixed billing contact bug. Changing the billing contact in a division does not change the billing contact in another division (e.g., top level division).

September 5, 2017

enhancement

Enhancements made to Account Balance and the Purchase Order process. See CertCentral Account Balance and PO Process Changes.

August 4, 2017

new

New feature included in the "help" (?) menu drop-down; added a link to the DigiCert CertCentral Getting Started Guide.