New certificate profile option
We've added a new certificate profile option, Data Encipherment, which allows you to include the Data Encipherment key usage extension in OV and EV SSL/TLS certificates. Once enabled for your account, the Include the Data Encipherment key usage extension in the certificate option appears on your SSL/TLS certificate request forms under Additional Certificate Options.
To enable a certificate profile for your account, reach out to your account manager or contact our Support team.
Other available certificate profile options
To learn more about these supported certificate profile options, see Certificate profile options.
We fixed a bug where removing the approval step from the certificate order process blocked custom form field values from being recorded on the certificate's Order details page.
Now, if you create custom fields for your certificate order forms and enable the Skip approval step for your account, the custom order values are recorded on the certificate's Order details page.
Custom order from fields
Skip approval step
In the sidebar menu, click Settings > Preferences. On the Division Preferences page, expand Advanced Settings. In the Certificate Request section, under Approval Steps, select Skip approval step: remove the approval step from your certificate order processes. See Remove the approval step from the certificate order process.
We fixed a certificate order form bug where Additional Emails added to the order weren’t being recorded on the certificate's Order details page.
Now, if you add additional email address to the order for those you want to receive the certificate notification emails, the email addresses are recorded on the certificate's Order details page.
We fixed a cancel order bug where cancelling a certificate renewal removed the renewal option from the order.
Note: To renew these certificates, you had to contact our Support team.
Now, if you cancel a certificate renewal, the renew option remains for the order, allowing you to renew the certificate later when ready.
We improved our Basic and Secure Site single domain certificate offerings (Standard SSL, EV SSL, Secure Site SSL, and Secure Site EV SSL), adding the Include both [your-domain].com and www. [your-domain].com in the certificate option to these certificates' order, reissue, and duplicate forms. This option allows you to choose whether to include both versions of the common name (FQDN) in these single domain certificates for free.
Works for subdomains too
The new option allows you to get both versions of base and subdomains. Now, to secure both versions of a subdomain, add the subdomain to the Common Name box (sub.domain.com) and check Include both [your-domain].com and www. [your-domain].com in the certificate. When DigiCert issues your certificate, it will include both versions of the subdomain on the certificate: [sub.domain].com and www.[sub.doman].com.
Removed Use Plus Feature for Subdomains
The Include both [your-domain].com and www. [your-domain].com in the certificate option makes the Plus Feature -- Use Plus Feature for Subdomains obsolete. So, we removed the option from the Division Preferences page (in the sidebar menu, click Settings > Preferences).
In the DigiCert Services API, we updated the Order OV/EV SSL, Order SSL (type_hint), Order Secure Site SSL, Order Private SSL, Reissue certificate, and Duplicate certificate endpoints listed below. These changes provide more control when requesting, reissuing, and duplicating your single domain certificates, allowing you choose whether to include a specific additional SAN on these single domain certificates for free.
*Note: For the Order SSL (type_hint) endpoint, only use the
dns_names parameter as described below to add the free SAN.
To secure both versions of your domain ([your-domain].com and www. [your-domain].com), in your request, use the
common_name parameter to add the domain ([your-domain].com) and the
dns_names parameter to add the other version of the domain (www. [your-domain].com).
When DigiCert issues your certificate, it will secure both versions of your domain.
To secure only the common name (FQDN), omit the
dns_names parameter from your request.