The following guide provides the necessary DigiCert ONE IP addresses, URLs, and host environment configurations per region to ensure proper connectivity for your client tools. Follow the steps below to add these to your allowlists and outbound firewall rules. Add these to your allowlists and outbound firewall rules to make sure you can connect.
The table below lists example domains from the US production environment. However, the port and protocol details apply universally to both production and demo environments across all regions.
Domain | Purpose | Port | Protocol |
---|---|---|---|
one.digicert.com | Platform domain | 443 | HTTPS |
clientauth.one.digicert.com | Client authentication endpoint | 443 | HTTPS |
directory.one.digicert.com | LDAP domain | 389 | LDAP |
CRL, OCSP, CACERTS, AIA hosts | Certificate validation endpoint | 80 | HTTP |
Add the following URLs and IP addresses to your allowlists and configure your outbound firewall rules. Select the environment that you use.
The following production IPs and URLs are organized by region. Select your region for the production environment:
Classification | URL | IP addresses |
---|---|---|
Platform domain | one.digicert.com | 45.60.44.211 |
45.60.46.211 | ||
45.60.48.211 | ||
45.60.50.211 | ||
45.60.52.211 | ||
45.60.105.211 | ||
Certificate revocation services | crl.one.digicert.com | 216.168.244.38 |
Certificate validation endpoint | ocsp.one.digicert.com | |
Certificate Authority (CA) distribution | cacerts.one.digicert.com | |
Client authentication endpoint | clientauth.one.digicert.com | |
LDAP domain | directory.one.digicert.com |
Classification | URL | IP addresses |
---|---|---|
Platform domain | one.digicert.co.jp | Multiple IPs
|
Certificate revocation services | crl.one.digicert.co.jp | |
Certificate validation endpoint | ocsp.one.digicert.co.jp | |
Certificate Authority (CA) distribution | cacerts.one.digicert.co.jp | |
Client authentication endpoint | clientauth.one.digicert.co.jp | 216.168.245.10 |
Classification | URL | IP address |
---|---|---|
Platform domain | one.ch.digicert.com | 91.240.105.35 |
Certificate revocation services | crl.one.ch.digicert.com | |
Certificate validation endpoint | ocsp.one.ch.digicert.com | |
Certificate Authority (CA) distribution | cacerts.one.ch.digicert.com | |
Client authentication endpoint | clientauth.one.ch.digicert.com |
Classification | URL | IP address |
---|---|---|
Platform domain | one.nl.digicert.com | 202.65.16.35 |
Certificate revocation services | crl.one.nl.digicert.com | |
Certificate validation endpoint | ocsp.one.nl.digicert.com | |
Certificate Authority (CA) distribution | cacerts.one.nl.digicert.com | |
Client authentication endpoint | clientauth.one.nl.digicert.com |
The following demo IPs and URLs are organized by region. Select your region for the demo environment:
Classification | URL | IP address |
---|---|---|
Platform domain | demo.one.digicert.com | 216.168.245.10 |
Certificate revocation services | crl.demo.one.digicert.com | |
Certificate validation endpoint | ocsp.demo.one.digicert.com | |
Certificate Authority (CA) distribution | cacerts.demo.one.digicert.com | |
Client authentication endpoint | clientauth.demo.one.digicert.com |
Classification | URL | IP address |
---|---|---|
Platform domain | demo.one.digicert.co.jp | 20.191.175.140 |
Certificate revocation services | crl.demo.one.digicert.co.jp | |
Certificate validation endpoint | ocsp.demo.one.digicert.co.jp | |
Certificate Authority (CA) distribution | cacerts.demo.one.digicert.co.jp | |
Client authentication endpoint | clientauth.demo.one.digicert.co.jp |
Classification | URL | IP address |
---|---|---|
Platform domain | demo.one.ch.digicert.com | 91.240.105.29 |
Certificate revocation services | crl.demo.one.ch.digicert.com | |
Certificate validation endpoint | ocsp.demo.one.ch.digicert.com | |
Certificate Authority (CA) distribution | cacerts.demo.one.ch.digicert.com | |
Client authentication endpoint | clientauth.demo.one.ch.digicert.com |
Classification | URL | IP address |
---|---|---|
Platform domain | demo.one.nl.digicert.com | 202.65.16.34 |
Certificate revocation services | crl.demo.one.nl.digicert.com | |
Certificate validation endpoint | ocsp.demo.one.nl.digicert.com | |
Certificate Authority (CA) distribution | cacerts.demo.one.nl.digicert.com | |
Client authentication endpoint | clientauth.demo.one.nl.digicert.com |
Use the nslookup
command to find the correct address.
Sample command
nslookup one.digicert.com
Configure both environments in your allowlist.