Methods for keeping TLS/SSL certificates out of CT logs
We’ve provided two methods to keep TLS/SSL certificates out of these logs:
Per certificate order: Exclude from CT log when ordering a certificate (recommended)
This feature allows CertCentral users to exclude a certificate from CT logs on a per-certificate basis. See Allow users to keep certificates out of CT logs.
This method is ideal if you only have a minimal number of certificates you don’t want logged.
Per account: Turn off CT logging for an account (use with caution)
This feature allows you to turn CT logging off for your entire account. This method is ideal if you need to keep organization and domain information private across all certificates you will issue..
To turn CT logging off for your DigiCert account, see Turn off CT logging for your account.