Filtering by: underscores x clear
enhancement

We've updated the CertCentral SAML Federation Settings, enabling you to keep your Federation Name from appearing in the list of IdPs on the SAML Single Sign-On IdP Selection and SAML certificate requests IdP Selection pages.

Now, on the Federation Settings page, under Your IDP's Metadata, we added the Include Federation Name option. If you want to keep your Federation Name from appearing in the list of IdPs on the IdP Selection page, uncheck Add my Federation Name to the list of IdPs.

new

Secure Site Pro TLS/SSL certificates are available in CertCentral. With Secure Site Pro, you're charged per domain; no base certificate cost. Add one domain, get charged for one. Need nine domains, get charged for nine. Secure up to 250 domains on one certificate.

We offer two types of Secure Site Pro certificates, one for OV certificates and one for EV certificates.

  • Secure Site Pro SSL
    Get the OV certificate that fits your needs. Provide encryption and authentication for one domain, one wildcard domain and all its subdomains, or use Subject Alternative Names (SANs) to secure multiple domains and wildcard domains with one certificate.
  • Secure Site Pro EV SSL
    Get the extended validation certificate that fits your needs. Provide encryption and authentication to secure one domain or use Subject Alternative Names (SANs) to secure multiple sites (fully qualified domain names) with one certificate.

Benefits included with each Secure Site Pro certificate

Each Secure Site Pro certificate includes – at no extra cost – first access to future premium feature additions to CertCentral (e.g., CT log monitoring and validation management).

Other benefits include:

  • Priority validation
  • Priority support
  • Two premium site seals
  • Malware check
  • Industry-leading warranties

To activate Secure Site Pro certificates for your CertCentral account, contact your account manager or our support team.

To learn more about our Secure Site Pro certificates, see DigiCert Secure Site Pro.

compliance

Public SSL certificates can no longer secure domain names with underscores ("_"). All previously issued certificates with underscores in domain names must expire prior to this date.

Note: The preferred underscore solution is to rename the hostnames (FQDNs) that contain underscores and replace the certificates. However, for those situations where renaming is not possible, you can use private certificates and, in some cases, you can use a wildcard certificate that secures the entire domain.

For more details, see Retiring Underscores in Domain Names.

compliance

CAs can no longer issue 30-day public SSL certificate containing underscores in domain names (common names and subject alternative names).

Note: The preferred underscore solution is to rename the hostnames (FQDNs) that contain underscores and replace the certificates. However, for those situations where renaming is not possible, you can use private certificates and, in some cases, you can use a wildcard certificate that secures the entire domain.

For more details, see Retiring Underscores in Domain Names.

compliance

Final day you can order 30-day public SSL certificates containing underscores in domain names (common names and subject alternative names) from any CA.

Note: The preferred underscore solution is to rename the hostnames (FQDNs) that contain underscores and replace the certificates. However, for those situations where renaming is not possible, you can use private certificates and, in some cases, you can use a wildcard certificate that secures the entire domain.

For more details, see Retiring Underscores in Domain Names.

compliance

Certificate Authorities (CAs) revoked all public SSL certificates containing underscores (in the common name and subject alternative names) with a maximum validity of more than 30 days by end of day (UTC time).

If you had an SSL certificate with a total validity of 31 days or more (which includes all 1-year, 2-year, and 3-year certificates) that expired after January 14, 2019, the CA who issued your certificate was required to revoke it.

For more details, see Retiring Underscores in Domain Names.

compliance

DigiCert began issuing public SSL certificates containing underscores for a limited time.

  • Maximum 30-day validity for public SSL certificates containing underscores in domain names.
  • Underscores must not be in the base domain ("example_domain.com" is not allowed).
  • Underscores must not be in the left most domain label ("_example.domain.com" and "example_domain.example.com" are not allowed).

For more details, see Retiring Underscores in Domain Names.

new

In the top menu, we added two new contact support options (phone and chat icons) making it easier to contact support from within CertCentral (via email, chat, or phone).

The phone icon provides you with email and phone options. The chat icon provides you with a chat window where you can start a chat with one of our dedicated support team members.

enhancement

We enhanced the sidebar menu, making it easier to see the menu option for the pages you are visiting. Now, when you visit a page in CertCentral, the menu option for that page will have a horizontal blue bar next to it.

fix

We fixed a bug in the Add Organization feature on the SSL/TLS certificate request forms where the validation status (EV and OV validated) was not included for new organizations added and validated as part of the certificate order.

Now, new organizations added when ordering an SSL certificate will show a Validated status.

Note: The organization's validation status doesn't appear until we've fully validated the organization.

compliance

Industry standards compliance change. For publicly trusted certificates, underscores ( _ ) can no longer be included in subdomains. RFC 5280 now enforced for subdomains as well.

See Publicly Trusted Certificates – Data Entries that Violate Industry Standards.