Mai 7, 2022
Upcoming Schedule Maintenance
Update: There is no planned downtime during maintenance on May 7, MDT (May 8, UTC).
DigiCert will perform scheduled maintenance on May 7, 2022, between 22:00 – 24:00 MDT (May 8, 2022, between 04:00 – 06:00 UTC). Although we have redundancies to protect your services, some DigiCert services may be unavailable during this time.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- See the DigiCert 2022 maintenance schedule for maintenance dates and times.
Services will be restored as soon as we complete the maintenance.
April 2, 2022
Upcoming Schedule Maintenance
DigiCert will perform scheduled maintenance on April 2, 2022, between 22:00 – 24:00 MDT (April 3, 2022, between 04:00 – 06:00 UTC). During this time, some services may be down for up to two hours.
Note: Maintenance will be one hour earlier for those who don't observe daylight savings.
Infrastructure-related maintenance downtime
We will start this infrastructure-related maintenance at 22:00 MDT (04:00 UTC). Then the services listed below may be down for up to two hours.
CertCentral® TLS certificate issuance:
- TLS certificate requests submitted during this time will fail
- Failed requests should be resubmitted after services are restored
CIS and CertCentral® SCEP:
- Certificate Issuing Service (CIS) will be down
- CertCentral Simple Certificate Enrollment Protocol (SCEP) will be down
- Requests submitted during this time will fail
- CIS APIs will return a "503 Service is unavailable" error
- Failed requests should be resubmitted after services are restored
Direct Cert Portal new domain and organization validation:
- New domains submitted for validation during this time will fail
- New organizations submitted for validation during this time will fail
- Failed requests should be resubmitted after services are restored
QuoVadis® TrustLink® certificate issuance:
- TrustLink certificate requests submitted during this time will be delayed
- Requests will be added to a queue for processing later
- Queued-up requests will be processed after services are restored
PKI Platform 8 new domain and organization validation:
- New domains submitted for validation during this time will fail
- New organizations submitted for validation during this time will fail
- Requests will be added to a queue for processing later
- Queued-up requests will be processed after services are restored
- Access to User Authorization Agent (UAA) services will be disabled: both the UAA Admin and User web portals
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2022 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
März 5, 2022
Upcoming Schedule Maintenance
DigiCert will perform scheduled maintenance on March 5, 2022, between 22:00 – 24:00 MST (March 6, 2022, between 05:00 – 07:00 UTC). During this time, some services may be down for up to two hours.
Infrastructure-related maintenance downtime
We will start this infrastructure-related maintenance at 22:00 MST (05:00 UTC). Then the services listed below may be down for up to two hours.
CertCentral™ TLS certificate issuance:
- TLS certificate requests submitted during this time will fail
- Failed requests should be resubmitted after services are restored
CIS and CertCentral™ SCEP:
- Certificate Issuing Service (CIS) will be down
- CertCentral Simple Certificate Enrollment Protocol (SCEP) will be down
- Requests submitted during this time will fail
- CIS APIs will return a "503 Service is unavailable" error
- Failed requests should be resubmitted after services are restored
Direct Cert Portal new domain and organization validation:
- New domains submitted for validation during this time will fail
- New organizations submitted for validation during this time will fail
- Failed requests should be resubmitted after services are restored
QuoVadis™ TrustLink™ certificate issuance:
- TrustLink certificate requests submitted during this time will be delayed
- Requests will be added to a queue for processing later
- Queued-up requests will be processed after services are restored
PKI Platform 8 new domain and organization validation:
- New domains submitted for validation during this time will fail
- New organizations submitted for validation during this time will fail
- Requests will be added to a queue for processing later
- Queued-up requests will be processed after services are restored
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2022 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
Dezember 7, 2021
CertCentral Report Library now available
We are happy to announce the CertCentral Report Library is now available for CertCentral Enterprise and CertCentral Partner.* The Report Library is a powerful reporting tool that allows you to download more than 1000 records at a time. Use the Report Library to build, schedule, organize, and export reports to share and reuse.
The Report Library includes six customizable reports: Orders, Organizations, Balance history, Audit log, Domains, and Fully qualified domain names (FQDN). When building reports, you control the details and information that appear in the report, configure the columns and column order, schedule how often you want the report to run (once, weekly, or monthly), and choose the report format (CSV, JSON, or Excel). In addition, you receive notices when the report is ready for download in your account.
To build your first report:
- In your CertCentral account, in the main menu, select Reports*.
Note: To use the Report Library, you must be a CertCentral administrator. CertCentral Managers, Finance Managers, Standard Users, and Limited Users do not have access to Reports in their accounts. - On the Report library page, select Build a report.
To learn more about building reports:
*Note: Don't see the Report Library in your account? Contact your account manager or our support team for help.
CertCentral Report Library API also available
We're pleased to announce the release of the CertCentral Report Library API! This new API service makes it possible to leverage key features of the Report Library in your CertCentral API integrations, including building reports and downloading report results*.
See our Report Library API documentation to learn more about including the Report Library in your API integrations.
*Note: To use the CertCentral Report Library API, Report Library must be enabled for your CertCentral account. For help activating the Report Library, contact your account manager or our support team.
Bugfix: Unique organization name check did not include assumed name
We updated our unique organization name check to include the assumed name (doing business as name) when creating an organization.
Before, in CertCentral and the CertCentral Services API, when you tried to create an organization with the same name as an existing organization, we returned an error and would not let you create the organization, even if the assumed name (DBA) was different.
Now, when you create an organization, we include the assumed name in the unique organization check. Therefore, you can create organizations with the same name, as long as each organization has a unique assumed name.
For example:
- First organization: No assumed name
- Name: YourOrganization
- Assumed name:
- Second organization: Name plus unique assumed name
- Name: YourOrganization
- Assumed name: OrganizationAssumedName
Creating organizations
In CertCentral and the CertCentral Services API, you can create an organization to submit for prevalidation or when you order a TLS/SSL certificate. This change applies to both processes.
CertCentral: DigiCert now issues client certificates from the DigiCert Assured ID Client CA G2 intermediate CA certificate
To remain compliant with industry standards, DigiCert had to replace the intermediate CA (ICA) certificate used to issue CertCentral client certificates.
CertCentral client certificate profiles that used the DigiCert SHA2 Assured ID CA intermediate CA certificate now use the DigiCert Assured ID Client CA G2 intermediate CA certificate. This change also changes the root certificate from DigiCert Assured ID Root CA to DigiCert Assured ID Root G2.
Old ICA and root certificates
- (ICA) DigiCert SHA2 Assured ID CA
- (Root) DigiCert Assured ID Root CA
New ICA and root certificates
- (ICA) DigiCert Assured ID Client CA G2
- (Root) DigiCert Assured ID Root G2
For more information, see DigiCert ICA Update. To download a copy of the new intermediate CA certificate, see DigiCert Trusted Root Authority Certificates.
Do you still need your client certificate to chain to the DigiCert Assured ID Root CA certificate? Contact your account representative or DigiCert Support.
November 16, 2021
Industry changes to file-based DCV (HTTP Practical Demonstration, file auth, file, HTTP token, and HTTP auth)
To comply with new industry standards for the file-based domain control validation (DCV) method, you can only use the file-based DCV to demonstrate control over fully qualified domain names (FQDNs), exactly as named.
To learn more about the industry change, see Domain validation policy changes in 2021.
How does this affect me?
As of November 16, 2021, you must use one of the other supported DCV methods, such as Email, DNS TXT, and CNAME, to:
- Validate wildcard domains (*.example.com)
- To include subdomains in the domain validation when validating the higher-level domain. For example, if you want to cover www.example.com, when you validate the higher-level domain, example.com.
- Prevalidate entire domains and subdomains.
To learn more about the supported DCV method for DV, OV, and EV certificate requests:
CertCentral: Pending certificate requests and domain prevalidation using file-based DCV
Pending certificate request
If you have a pending certificate request with incomplete file-based DCV checks, you may need to switch DCV methods* or use the file-based DCV method to demonstrate control over every fully qualified domain name, exactly as named, on the request.
*Note: For certificate requests with incomplete file-based DCV checks for wildcard domains, you must use a different DCV method.
To learn more about the supported DCV methods for DV, OV, and EV certificate requests:
- Supported DCV methods for validating domains on certificate OV and EV certificate requests
- Supported DCV methods for validating the domains on DV SSL certificate orders
Domain prevalidation
If you plan to use the file-based DCV method to prevalidate an entire domain or entire subdomain, you must use a different DCV method.
To learn more about the supported DCV methods for domain prevalidation, see Supported domain control validation (DCV) methods for domain prevalidation.
CertCentral Services API
If you use the CertCentral Services API to order certificates or submit domains for prevalidation using file-based DCV (http-token), this change may affect your API integrations. To learn more, visit File-based domain control validation (http-token).
April 15, 2020
Fehlerbehebung: DV-Zertifikat nicht an E-Mail-Benachrichtigung angehängt
Wir beseitigten einen Fehler im DV-Ausstellungsprozess, durch dennicht keine Kopie des DV-Zertifikats an die E-Mail-Benachrichtigung Ihr Zertifikat für Ihre Domäne angehängt wurde. Als temporäre Lösung für dieses Problem fügten wir nun einen Zertifikat-Downloadlink zu der DV-Zertifikatsbenachrichtigungs-E-Mail hinzu.
Hinweis: Nachdem DigiCert ein Zertifikat ausgestellt hat, ist dieses sofort in Ihrem CertCentral-Konto verfügbar.
Um den Download-Link in der E-Mail verwenden zu können, müssen Sie berechtigt sein, auf das CertCentral-Konto und den Zertifikatsauftrags zuzugreifen.
Falls ein E-Mail-Empfänger keinen Zugriff auf das Konto oder den Zertifikatsauftrags hat, können Sie ihm aus Ihrem CertCentral-Konto per E-Mail eine Kopie des DV-Zertifikats senden. Siehe unsere Anweisungen zum Senden eines DV-Zertifikats per E-Mail von Ihrem CertCentral-Konto aus.
Upgrades für Altkonten von Partnern nach CertCentral
Wir aktualisierten in der DigiCert Service-API die – DigiCert-Auftrags-ID –, um es zu erleichtern, die entsprechenden DigiCert-Auftrags-IDs für Ihre migrierten alten GeoTrust-SSL/TSL-Zertifikatsaufträge zu finden.
Sie können jetzt die GeoTrust-Auftrags-ID verwenden, um auf die DigiCert-Auftrags-ID für Ihre GeoTrust-Zertifikatsaufträge zuzugreifen. Darüber hinaus senden wir Ihnen die aktuelle DigiCert-Auftrags-ID, wenn sie die GeoTrust-Auftrags-ID verwenden.
* Hinweis: Im alten Partnerkonto haben Sie nur Zugriff auf die GeoTrust-Auftrags-ID für Ihre GeoTrust TLS/SSL-Zertifikatsaufträge.
Hintergrund
Wenn Sie Ihre aktiven öffentlichen SSL/TLS-Zertifikatsaufträge zu Ihrem neuen CertCentral-Konto migrieren, weisen wir jedem migrierten Bestandszertifikatsauftrag eine eindeutige DigiCert-Auftrags-ID zu.
Weitere Informationen:
Februar 20, 2020
Wir beseitigten einen Fehler, durch den "versteckte" Organisationen das Öffnen von Zertifikatsantragsformularen verhinderten. Um dieses Problem zu beheben, beziehen wir keine verdeckten Organisationen mehr in die Liste der verfügbaren Organisationen auf den-Zertifikatsantragsformularen ein.
Wie kann ich "versteckte" Organisationen zu einem Zertifikatsantrag hinzufügen?
Wenn Sie eine "versteckte" Organisation in die Liste der verfügbaren Organisationen auf Ihren Zertifikatsantragsformularen aufnehmen möchten, brauchen Sie sie nur einzublenden.
- Gehen Sie im linken Hauptmenü auf Zertifikate > Organisationen.
- Auf der Seite Organisationen, klicken Sie in der Dropdownliste Versteckte Organisationen auf Anzeigen und anschließend auf Weiter.
- Klicken Sie auf die Organisation, die Sie einblenden möchten.
- Auf der Seite Organisationsdetails, klicken Sie auf Einblenden.
Wenn Sie das nächste Mal ein Zertifikat bestellen, wird die Organisation in der Liste der verfügbaren Organisationen auf den Zertifikatsantragsformular angezeigt.
Hinweis: Diese Änderung betrifft nur die CertCentral-Benutzeroberfläche (UI). Die API unterstützt das Hinzufügen von "versteckten" Organisationen zu Ihrem Antrag. Sue brauchen eine Organisation nicht einzublenden, um sie zu einem Zertifikatsantrag hinzuzufügen.
Altkonten-Upgrades nach CertCentral
In der DigiCert Service-API, es gibt einen neuen Endpunkt – DigiCert-Auftrags-ID –, um es zu erleichtern, die entsprechenden DigiCert-Auftrags-IDs für Ihre migrierten alten Symantec-Aufträge zu finden.
Nach der Migration Ihrer aktiven öffentlichen SSL/TLS-Zertifikatsaufträge zu Ihrem neuen CertCentral-Konto weisen wir jedem migrierten Bestandszertifikatsauftrag von Symantec eine eindeutige DigiCert-Auftrags-ID zu.
Musterantrag
GET https://www.digicert.com/services/v2/oem-migration/{{symc_order_id}}/order-id
Musterantwort200 OK
Weitere Informationen:
Februar 13, 2020
Altkonten-Upgrades 2.0
Wir freuen uns, mitzuteilen, dass validierte Domains und aktive, öffentliche SSL/TLS-Zertifikate nun in der Datenmigration beim Upgrade ihrer alten Konsole auf CertCentral enthalten sind. Weitere Informationen finden Sie unter Was Sie über die Migration von Kontodaten wissen müssen.
Ab dieser Version beginnen wir ein phasenweises Upgrade unserer alten Konsolen nach CertCentral. Die Upgrade-Kriterien sind abhängig von der Größe des Unternehmens, der bevorzugten Währung und der Nutzung der Funktionen.
Hinweis: CertCentral-Upgrades sind kostenlos. Falls Sie jetzt an einem Upgrade interessiert sind, wenden Sie sich bitte an Ihren Kundenbetreuer oder unser Supportteam.
Falls Ihr altes Konto den Kriterien der ersten Phase entspricht, sehen Sie, wenn Sie sich bei Ihrer Konsole anmelden, eine Option für ein Upgrade nach CertCentral. Beim Upgrade migrieren wir Ihre Organisationen und validierten Domänen in Ihr CertCentral-Konto. Anschließend können Sie Ihre aktiven, öffentlichen SSL/TLS-Zertifikate importieren.
Weitere Informationen zum Upgrade nach CertCentral und zur Datenmigration finden Sie in unserer Anleitung Upgrade nach CertCentral.
Andere Zertifikattypen
Private SSL/TLS-, Code Signing-, S/MIME- und andere Zertifikattypen können zu diesem Zeitpunkt nicht importiert werden. Private SSL/TLS- und Nicht-SSL/TLS-Zertifikate werden Teil eines separaten Migrationsvorgangs sein.