Release notes RSS
You can now request a single certificate with a choice between two licensing tiers.
Essential plan: Provides basic certificate issuance features.
Advanced plan: Offers enhanced features such as device record association, management via the DigiCert TrustEdge agent, and support for OTA updates.
You can now request certificates in bulk with a choice between two licensing tiers.
Essential plan: Delivers basic functionality for bulk issuance.
Advanced plan: Provides additional capabilities like device record association, management via the DigiCert TrustEdge agent, and OTA updates.
New logging capabilities enable you to monitor software update progress and troubleshoot issues during device deployments. This feature provides real-time visibility into the update process.
You can now define custom inventory attributes beyond the default set. This addition allows for a more tailored and flexible inventory management experience.
You can now assign an authentication policy to both device groups and certificate management policies. This update secures device registration and certificate management by ensuring the correct authentication is enforced.
The EST CA Certs endpoint now accurately processes requests that include both the Certificate Management Policy ID and Device Group ID.
A new system template has been added to support Matter-compliant certificate issuance. The “Matter Standard Certificate Template” can be assigned to an account by an account manager.
The EST enrollment and re-enrollment endpoints now return a detailed 401 Unauthorized response when credentials are missing. The response now lists supported authentication methods. For example, Basic and Client Authentication.
Configuration helper texts have been revamped to improve accessibility and clarity.
Hover tooltip: Descriptions now appear when hovering over a question mark icon next to configuration labels.
Info panel: For longer descriptions, an additional info (i) icon opens a right-side panel displaying the full text.
Documentation link: When available, a “Learn More” link directs you to the relevant documentation on docs.digicert.com.
The following pages and wizards have been updated with these changes: Register many devices wizard, Certificates list page, Request single device certificate, Request single certificate, Certificate management policy wizard.
The division creation wizard now allows you to configure primary and secondary Rendezvous Zones during division creation. This improvement simplifies the setup process and enhances division configuration flexibility.
The Certificate management policy wizard now enforces an Authentication policy selection during the initial configuration step.
When choosing EST, SCEP, or CMPv2 with the Essential plan, you must select an Authentication Policy. This validation step prevents progression until a policy is chosen to reduce configuration errors.
You can now update the assigned Authentication policy directly within the Certificate management policy details.
An edit icon has been added to allow removal or change of the current Authentication Policy. This change provides greater flexibility in managing certificate policies.
Added several improvements to API reference material, calls, and handling.
Refined error codes and messages for a more user-friendly experience.
Updated validation rules (for example, ensuring UUID formats) and filtering logic for data consistency.
Enhanced Swagger documentation and API helpers to ensure clarity and reliability in data processing.
Updated both frontend and backend i18n property files.
Added additional translations to ensure consistent language support across the platform.
The Rendezvous service now validates the signing certificate (p12 file) during PAT uploads.
Certificate validity verification: The service checks the certificate’s validity period before accepting the upload.
Improved security: Expired or not-yet-valid certificates are rejected, ensuring only valid credentials are used.
The ordering of “Connected” and “Disconnected” events has been corrected by updating the timestamp precision.
Millisecond precision: The Kafka message for the “Connected” event now includes millisecond details.
Accurate display: Events are shown in the proper sequence on the UI even when they occur within the same second.
The MQTT-to-Kafka transformer has been updated to correctly route certificate renewal messages:
Messages with
mode: "certificate_policy_renew_request"
are now forwarded to thedevicetrust_certificatepolicyrenewrequest_v1
Kafka topic.
We are excited to announce the launch of Device Trust Manager, a comprehensive solution for managing and securing IoT devices at scale.
Device Trust Manager is designed to streamline certificate management, provisioning, and device authentication, providing robust lifecycle management for connected devices.
Comprehensive Device Management: Centralized interface for secure registration, monitoring, and management of IoT devices.
Automated Certificate Lifecycle: Automates the issuance, renewal, and revocation of device certificates, ensuring continuous trust and compliance.
Role-Based Access Control (RBAC): Assign roles such as Solution Administrator, Device Creator, and Artifact Manager to control permissions and enhance security.
Batch Device Registration: Support for registering multiple devices at once, simplifying onboarding processes.
Flexible Keypair Generation: Choose between DigiCert® ONE-generated keys or user-provided CSRs for seamless integration into various deployment models.
Secure Artifact Management: Develop and deploy software updates through structured artifact and release management.
Integration with DigiCert® ONE platform: Provides seamless interaction with other DigiCert® services, enabling unified certificate management across devices and infrastructure.
With Device Trust Manager, organizations can build a secure IoT ecosystem by managing device identities and ensuring trusted connections throughout their lifecycles. To get started, see the Device Trust Manager Get Started guide for setup instructions and usage tips.
For additional details, visit our Device Trust Manager documentation.