Certificates
The DigiCert® KeyLocker certificates feature allows you to view and manage all publicly trusted code signing certificates that rely on KeyLocker key storage.
View certificates
You require the View certificate
permission to view certificates.
To view your certificates:
Sign in to DigiCert ONE.
Navigate to: Manager menu (top right) > KeyLocker.
Select Certificates.
Click on the Order ID to view more information.
Identify the signer for the certificate
To identify the designated signer for your KeyLocker certificate:
Sign in to DigiCert ONE.
Navigate to: Manager menu (top right) > KeyLocker.
Select Certificates.
Review the Signer column, the values in this column can be interpreted as follows:
Value
Description
All account users
Any user in your KeyLocker account is allowed to sign with this certificate.
Note
Only certificates purchase before November 3, 2023 will show this value.
No signer
Signing is blocked because no user is listed as the designated signer for this certificate. Next step: Add a signer.
User's name listed
Only the user specified in this column can sign with this certificate. You can update the signer.
Note
Certificates purchased between November 3, 2023 and March 19, 2024, may see more than one user listed as the designated signer for the certificate. All users listed are allowed to sign with this certificate.
Add signer
To add a designated signer for your KeyLocker certificate:
Sign in to DigiCert ONE.
Navigate to: Manager menu (top right) > KeyLocker.
Select Certificates.
Select the Order ID to view more information.
Under Manage signer, select Add signer.
Select a KeyLocker user in your account from the drop-down list.
Select Add signer.
Update signer
To update the designated signer for your KeyLocker certificate:
Sign in to DigiCert ONE.
Navigate to: Manager menu (top right) > KeyLocker.
Select Certificates.
Select the Order ID to view more information.
Next to Manage signer, select the pencil icon.
Select an alternative KeyLocker user in your account from the drop-down list.
Select Update signer.
Download certificate
You require the View certificate
permission to download a certificate.
To download a certificate:
Sign in to DigiCert ONE.
Navigate Manager menu icon (top right) > KeyLocker.
Select Certificates.
Click on the Order ID.
Identify the Certificate field.
Click the Download icon or copy and paste the plain text.
Identify the certificate fingerprint/thumbprint
You require the View certificate
permission to identify the certificate fingerprint/thumbprint.
To identify the certificate fingerprint/thumbprint:
Sign in to DigiCert ONE.
Navigate to the Manager menu (top right) > KeyLocker.
Select Certificates.
Click on the Order ID .
Identify the Fingerprint/thumbprint field.
Revoke certificate
You require the Revoke certificate
permission to revoke a certificate.
To revoke a certificate:
Sign in to DigiCert ONE.
Navigate to the Manager menu (top right) > KeyLocker.
Select Certificates.
Hover over the .
Click on the Revoke icon.
Specify the following:
Revocation reason
Description
Revocation date
Tip
If you become aware that your certificate was compromised on a previous date, backdate the revocation date to invalidate any signatures from that date.
Sync certificate
Sync your certificates to pull the latest certificate status from CertCentral. This action may be useful to you if your order status in CertCentral is different to your status in DigiCert® KeyLocker. You require the View certificate
permission to sync a certificate.
To sync a certificate:
Sign in to DigiCert ONE.
Navigate to the Manager menu (top right) > KeyLocker.
Select Certificates.
Hover over the order ID.
Click on the sync icon.
Bulk actions
You can sync or revoke multiple certificates by using the workflow below:
Sign in to DigiCert ONE.
Navigate to the Manager menu (top right) > KeyLocker.
Select Certificates.
Select the boxes next to the order ID for all the certificates that you want to apply the bulk action to.
Hover over a order ID that you have selected.
Select Bulk actions.
Click on the Sync orders or Revoke.