CertCentral: Managed automation general availability
We are happy to announce the general availability of another of our Automation Tools—Managed automation. Its beta period has ended, and it is now ready for production environments.
CertCentral-managed automation allows you to automate your SSL/TLS certificate lifecycle management process. Remove time spent completing manual SSL/TLS certificate requests and installations.
Managed automation features:
Managed automation in CertCentral
To get started with CertCentral-managed automation, in your CertCentral account, go to the Manage automation page (in the left main menu, go to Automation > Manage automation).
For more information:
CertCentral ACME protocol support general availability
We are happy to announce the general availability of one of our Automation Tools—ACME protocol support. Its open beta period has ended, and it is now ready for production environments.
With ACME + CertCentral, use your preferred ACME client to automate your SSL/TLS certificate deployments and remove time spent completing manual certificate installations.
CertCentral ACME protocol support allows you to automate OV and EV SSL/TLS 1-year, 2-year, and custom validity certificate deployments. Our ACME protocol also supports the Signed HTTP Exchange certificate profile option, enabling you to automate your Signed HTTP Exchange certificate deployments.
ACME in CertCentral
To access ACME in your CertCentral account, go to the ACME Directory URLs page (in the left main menu, go to Automation > ACME Directory URLs).
For more information:
Discovery now available in all CertCentral accounts
We are happy to announce that all existing CertCentral accounts now include Discovery, our newest and most robust certificate discovery tool.
Note: For those who were using Certificate Inspector, Discovery replaces our long time DigiCert tool, Certificate Inspector.
By default, Discovery includes Cloud scan and a Sensor scan trial with a 100-certificate limit.
Cloud scan
Cloud scan uses a cloud-based sensor, so there is nothing to install or manage. You can start scanning immediately to find all your public facing SSL/TLS certificates regardless of issuing Certificate Authority (CA). Cloud-scan runs once every 24 hours.
Sensor scan
Sensor scan is our most robust version of Discovery. It uses sensors to scan your network to quickly find all your internal and public facing SSL/TLS certificates regardless of the issuing Certificate Authority (CA). Discovery also identifies problems in certificate configurations and implementations along with certificate-related vulnerabilities or problems in your endpoint configurations.
Scans are centrally configured and managed from inside your CertCentral account. Scan results are displayed in an intuitive and interactive dashboard inside CertCentral. Configure scans to run once or multiple times on a set schedule.
Discovery audit logs
Discovery has added a new feature—Discovery Audit Logs—allowing you to track Discovery-related activities in your CertCentral account. These audit logs provide insight into user activity enabling you to see areas where training may be required, reconstruct events to troubleshoot problems, detect misuse, and discover problem areas.
To make it easier to sort through the information in the Discover audit logs, we've include several filters:
To access the Discovery Audit Log, in your CertCentral account, in the left main menu, go to Account > Audit Logs. On the Audit Logs page, click Discovery Audit Logs.
Discovery language support
As we work to globalize our product offerings and make our websites, platforms, and documentation more accessible, we are happy to announce that we've added language support to Discovery in CertCentral.
Now, when configuring your language preference in CertCentral, Discovery is included in the configuration.
To configure your language preference
In your account, in the top right corner, in the "your name" drop-down list, select My Profile. On the Profile Settings page, in the Language dropdown, select a language and click Save Changes.
Bug fix: DV certificate orders did not honor Submit base domains for validation account setting
We fixed a bug in the DV certificate domain control validation (DCV) process where DV certificate orders did not adhere to the Submit base domains for validation account setting.
Note: For DV certificate orders, you were required to validate the domain exactly as named in the order.
Now, DV certificate orders honor the Submit base domains for validation account setting, allowing you to validate your subdomains at the base domain level on your DV certificate orders.
To view the Domain Validation Scope settings in your account, go to Settings > Preferences. On the Division preferences page, expand +Advanced Settings. The Domain Validation Scope settings are in the Domain Control Validation (DCV) section.
We've added a new tool to our CertCentral portfolio—Discovery—that provides real-time analysis of your entire SSL/TLS certificate landscape.
Designed to quickly find all your internal and public facing SSL/TLS certificates regardless of the issuing Certificate Authority (CA), Discovery identifies problems in certificate configurations and implementations along with certificate-related vulnerabilities or problems in your endpoint configurations.
Note: Discovery uses sensors to scan your network. Sensors are small software applications that you install in strategic locations. Each scan is linked to a sensor.
Scans are centrally configured and managed from inside your CertCentral account. Scan results are displayed in an intuitive and interactive dashboard inside CertCentral. Configure scans to run once or multiple times on a set schedule.
