Filtering by: ev certificate x clear
enhancement

We enhanced the Add Verified Contacts process on the organization details pages making it easier to add existing and new verified contacts when submitting an organization for pre-validation (in the sidebar menu, click Certificates > Organizations. Then in the Name column, click the organization name link).

To make adding a verified contact easier, we removed the separate links (Add New Contact and Add from Existing Contacts) each with their own window. Now, we provide a single Add Contact link and a single Add Contact window where you can add a new or existing contact.

Add New Contact Note

By default, the Allow non-CertCentral account users to be used as verified contacts feature is disabled for a CertCentral account.

You can enable this feature on the Division Preferences page (in the sidebar menu, click Settings > Preferences). In the Advance Settings section, under Verified Contacts, you can allow non-CertCentral account users to be used as verified contacts (check Allow non-DigiCert users to be used as verified contacts).

enhancement

We enhanced the add existing organization feature for the EV SSL/TLS certificates order process making it easier to include the EV verified contacts for an organization in your certificate order.

Previously, information about who the EV verified contacts are for an organization didn't appear on the EV certificate request pages.

Now, when you add an existing organization that already has EV verified contacts assigned to it, the Verified Contact (for EV) cards are populated with the verified contacts' information.

Note: If your CSR includes an organization currently used in your account, the Organization card is populated with the organization's information contained in your account. If this same organization already has assigned EV verified contacts, the Verified Contact (for EV) cards are populated with their information (name, title, email, and phone number).

fix

We fixed a bug on the User Invitations page preventing the Invited By filter from showing the administrators who sent the user invite requests.

Now, when you go to the User Invitations page (in the sidebar menu, click Account > User Invitations), the Invited By filter shows the admins who sent user invitations.

enhancement

We enhanced the add existing organization feature of the SSL/TLS certificate order process, enabling you to filter the existing organization list to see only organizations that are fully validated.

Note: If your CSR includes an organization currently used in your account, the Organization card auto populates with the organization's information contained in your account.

To manually add an existing organization when ordering your SSL/TLS certificate, click Add Organization. In the Add Organization window, check Hide non-validated organizations to filter the organizations so only the fully validated ones are shown.

Note: If you have more than nine active organizations in your account, the filter also works for the Organization drop-down list.

enhancement

We enhanced the Organization Unit(s) feature of the SSL/TLS certificate order process, enabling you to add multiple organization units. Previously, you could only add one organization unit.

Note: The Organization Unit(s) field on the request form will be auto populated with the values from your CSR.

To manually add organization units when ordering your SSL/TLS certificate, expand Additional Certificate Options and in the Organization Unit(s) field, you can now add one or more organization units.

Note: Adding organization units is optional. You can leave this field blank. However, if you do include organization units in your order, DigiCert will need to validate them before we can issue your certificate.

fix

We fixed a Custom Order Fields* bug preventing the feature from working properly when deactivating, activating, changing a field from required to optional, and changing a field from optional to required.

*Custom Order Fields is disabled by default. To enable this feature for your CertCentral account, please contact your DigiCert account representative. See Managing Custom Order Form Fields in the Advanced CertCentral Getting Started Guide.

enhancement

We enhanced the Add Contact feature of the EV TLS/SSL certificate order process, enabling you to see if the existing contact listed is a CertCentral account user or a contact (non-CertCentral account user).

Previously, when adding an existing contact as a Verified Contact for your EV TLS certificate order, you were presented with a list of contacts to select from without a way to distinguish account users from non-account users.

With this improvement, the contacts listed are now categorized as Users (CertCentral account users) and Contacts (non-CertCentral account users).

Note: By default, the Allow non-CertCentral account users to be used as verified contacts feature is disabled for a CertCentral account.

How to enable the Allow non-CertCentral account users to be used as verified contacts feature

On the Division Preferences page (Settings > Preferences), in the Advance Settings section, under Verified Contacts, you can allow non-CertCentral account users to be used as verified contacts (check Allow non-DigiCert users to be used as verified contacts).

With the non-CertCentral user feature enabled, when adding verified contacts as part of the EV certificate request process, you will see two options: Existing Contact and New Contact. The Existing Contact option lets you assign a CertCenrtal user as the verified EV contact. The New Contact option lets you enter information for a non-CertCentral account user.

new

Secure Site TLS/SSL certificates are available in CertCentral:

  • Secure Site SSL
  • Secure Site EV SSL
  • Secure Site Multi-Domain SSL
  • Secure Site EV Multi-Domain SSL
  • Secure Site Wildcard SSL

To activate Secure Site certificates for your CertCentral account, contact your Sales representative.

Benefits included with each Secure Site certificate:

  • Priority validation
  • Priority support
  • Two premium site seals
  • Industry-leading warranties

To learn more about our Secure Site certificates, see DigiCert Secure Site Overview.
Additional Resources:

fix

Updates to the full SHA256 EV hierarchy certificate profile

On September 27, 2018, we removed the Symantec policy OID from EV TLS certificates issued from the full SHA256 EV hierarchy [DigiCert Global G2 Root => DigiCert Global G2 Intermediate => EV TLS/SSL certificate].

Problem: Chrome bug on macOS

July 2018, we discovered a bug in Chrome on macOS where it wasn't showing the EV indicator for EV TLS certificate with more than two policy OIDs – https://bugs.chromium.org/p/chromium/issues/detail?id=867944.

Solution

We removed the Symantec policy OID from the full SHA256 EV hierarchy certificate profile. With this change, Chrome on macOS again showed the EV indicator for the EV TLS certificates issued from the full SHA256 EV hierarchy.

Affected EV TLS certificates

EV TLS certificates (from the full SHA256 EV hierarchy) issued after January 31, 2018 and prior to September 27, 2018 contain these three policy OIDs in the Certificate Extension - Certificate Policies:

  • 2.16.840.1.114412.2.1 (DigiCert OID)
  • 2.16.840.1.113733.1.7.23.6 (Symantec OID)
  • 2.23.140.1.1 (CAB/F OID)

What do I need to do?

  • Do you have an EV TLS certificate that is not showing the EV indicator in Chrome on macOS?
    Please replace (reissue) your EV TLS certificate to show the EV indicator in Chrome on macOS.
    Full SHA256 EV TLS certificates issued as of September 27, 2018 contain only two policy OIDs in the Certificate Extension - Certificate Policies:
    • 2.16.840.1.114412.2.1 (DigiCert OID)
    • 2.23.140.1.1 (CAB/F OID)
  • What about other types of certificates?
    For all other types of certificates, no action is required.