Skip to main content

Enterprise PKI Manager

Enhancements

API Enhancements

  • The enrollments API endpoint was updated to accept an enrollment code expiry_date using a date and time, not just the date.

  • Allow certificate validity period to be overridden via REST API for profiles configured with EST or SCEP enrollment methods, by enabling a checkbox within the certificate profile. See the Swagger API documentation for details. The API link is also located under the Resources menu item in the administration console.

Profile Wizard Enhancements

  • Complete redesign of the profile wizard pages to adhere to the common UX design guidelines.

  • Added support for single or multiple Domain Component (DC) fields within the Subject DN.

  • For profiles configured with the SAML IdP authentication method, added the ability to optionally configure the SAML IdP configuration data by uploading the SAML IdP Metadata file generated by a SAML IdP provider.

  • Enabled the Renewal and Revocation email templates for profiles configured with the REST API enrollment method.

  • Added help text to the signing algorithm field within the "Custom and optional fields" page, "Certificate fields" section.

  • Enabled the Allow duplicate certificates option for the Generic Device and Server Certificate templates.

SAML Enhancements

Support for sending renewal emails to be sent to end-users and redirecting them to their SAML IdP provider for authentication before proceeding with the renewal flow for the enrollment method used against the profile (DigiCert Desktop Client, CSR, Browser PKCS12).

Other enhancements

  • Redesign of 403/404 error and No Permissions pages.

  • The Certificates list page is now ordered by valid-from date, showing the last issued certificates at the top of the table.

  • Updated the "Client tools repository" for DigiCert Desktop Client with redesigned profile screenshots and updated token names.

Known issues

Multiple certificates (configured with an Email field within the Subject DN) could be created with the same Subject DN even if the "Allow duplicate certificate" option is enabled.

Fixes

  • [DOEPM-2645] Fixed issue with slow responding Audit Logs page.

  • [DOEPM-2731] Fixed blank screen after certificate installation via DigiCert Desktop Client, for profiles configured hardware tokens and the Enrollment Code authentication method.

  • [DOEPM-2735] Fixed issue when uploading certificates with unsupported fields via the certificate-import API endpoint.

  • [DOEPM-2743] Fixed issue where non-mandatory SAN fields for profiles configured with the CSR enrollment method were being validated as required fields and delivering an undue error message.