Skip to main content

Review allowlist IP addresses and URLs

The following guide provides the necessary DigiCert ONE IP addresses, URLs, and host environment configurations per region to ensure proper connectivity for your client tools. Follow the steps below to add these to your allowlists and outbound firewall rules. Add these to your allowlists and outbound firewall rules to make sure you can connect.

Ports and protocols

The table below lists example domains from the US production environment. However, the port and protocol details apply universally to both production and demo environments across all regions.

Domain

Purpose

Port

Protocol

one.digicert.com

Platform domain

443

HTTPS

clientauth.one.digicert.com

Client authentication endpoint

443

HTTPS

directory.one.digicert.com

LDAP domain

389

LDAP

CRL, OCSP, CACERTS, AIA hosts

Certificate validation endpoint

80

HTTP

Allowlist IPs and URLs by environment and region

Add the following URLs and IP addresses to your allowlists and configure your outbound firewall rules. Select the environment that you use.

The following production IPs and URLs are organized by region. Select your region for the production environment:

Classification

URL

IP addresses

Platform domain

one.digicert.com

45.60.44.211

45.60.46.211

45.60.48.211

45.60.50.211

45.60.52.211

45.60.105.211

Certificate revocation services

crl.one.digicert.com

216.168.244.38

Certificate validation endpoint

ocsp.one.digicert.com

Certificate Authority (CA) distribution

cacerts.one.digicert.com

Client authentication endpoint

clientauth.one.digicert.com

LDAP domain

directory.one.digicert.com

Classification

URL

IP addresses

Platform domain

one.digicert.co.jp

Multiple IPs

IP addresses are dynamic and change periodically.

Certificate revocation services

crl.one.digicert.co.jp

Certificate validation endpoint

ocsp.one.digicert.co.jp

Certificate Authority (CA) distribution

cacerts.one.digicert.co.jp

Client authentication endpoint

clientauth.one.digicert.co.jp

216.168.245.10

Classification

URL

IP address

Platform domain

one.ch.digicert.com

91.240.105.35

Certificate revocation services

crl.one.ch.digicert.com

Certificate validation endpoint

ocsp.one.ch.digicert.com

Certificate Authority (CA) distribution

cacerts.one.ch.digicert.com

Client authentication endpoint

clientauth.one.ch.digicert.com

Classification

URL

IP address

Platform domain

one.nl.digicert.com

202.65.16.35

Certificate revocation services

crl.one.nl.digicert.com

Certificate validation endpoint

ocsp.one.nl.digicert.com

Certificate Authority (CA) distribution

cacerts.one.nl.digicert.com

Client authentication endpoint

clientauth.one.nl.digicert.com

The following demo IPs and URLs are organized by region. Select your region for the demo environment:

Classification

URL

IP address

Platform domain

demo.one.digicert.com

216.168.245.10

Certificate revocation services

crl.demo.one.digicert.com

Certificate validation endpoint

ocsp.demo.one.digicert.com

Certificate Authority (CA) distribution

cacerts.demo.one.digicert.com

Client authentication endpoint

clientauth.demo.one.digicert.com

Classification

URL

IP address

Platform domain

demo.one.digicert.co.jp

20.191.175.140

Certificate revocation services

crl.demo.one.digicert.co.jp

Certificate validation endpoint

ocsp.demo.one.digicert.co.jp

Certificate Authority (CA) distribution

cacerts.demo.one.digicert.co.jp

Client authentication endpoint

clientauth.demo.one.digicert.co.jp

Classification

URL

IP address

Platform domain

demo.one.ch.digicert.com

91.240.105.29

Certificate revocation services

crl.demo.one.ch.digicert.com

Certificate validation endpoint

ocsp.demo.one.ch.digicert.com

Certificate Authority (CA) distribution

cacerts.demo.one.ch.digicert.com

Client authentication endpoint

clientauth.demo.one.ch.digicert.com

Classification

URL

IP address

Platform domain

demo.one.nl.digicert.com

202.65.16.34

Certificate revocation services

crl.demo.one.nl.digicert.com

Certificate validation endpoint

ocsp.demo.one.nl.digicert.com

Certificate Authority (CA) distribution

cacerts.demo.one.nl.digicert.com

Client authentication endpoint

clientauth.demo.one.nl.digicert.com

Troubleshooting

Use the nslookup command to find the correct address.

Sample command

nslookup one.digicert.com

Configure both environments in your allowlist.

Publication date: