Filtrage par : TLS 1.0 x effacer
new

Multi-year Plans now available

We are happy to announce that Multi-year Plans are now available in CertCentral and CertCentral Partners.

DigiCert® Multi-year Plans allow you to pay a single discounted price for up to six years of SSL/TLS certificate coverage. With Multi-year Plans, you pick the SSL/TLS certificate, the certificate validity (1 or 2 years), and the duration of coverage you want (up to six years). Until the plan expires, you reissue your certificate at no cost each time it reaches the end of its validity period.

Note: This product is not available for CertCentral Enterprise accounts.

The maximum validity of an SSL/TLS certificate is 825 days (397 days after September 1, 2020). When the active certificate for a Multi-year Plan is about to expire, you reissue the certificate to maintain your SSL/TLS coverage.

compliance

Browser support for TLS 1.0 and 1.1 has ended

The four major browsers no longer support Transport Layer Security (TLS) 1.0 and 1.1.

What you need to know

This change doesn't affect your DigiCert certificates. Your certificates continue to work as they always have.

This change affects browser-dependent services and applications relying on TLS 1.0 or 1.1. Now that browser support for TLS 1.0 and 1.1 has ended, any out-of-date systems will be unable to make HTTPS connections.

What you need to do

If you are affected by this change and your system supports more recent versions of the TLS protocol, upgrade your server configuration as soon as you can to TLS 1.2 or TLS 1.3.

If you do not upgrade to TLS 1.2 or 1.3, your webserver, system, or agent will not be able to use HTTPS to securely communicate with the certificate.

Browser TLS 1.0/1.1 deprecation information

Firefox 78, released June 30, 2020

Safari 13.1, released March 24, 2020

Chrome 84, released July 21, 2020

Edge v84, released 7/16/2020

Helpful resources

With so many unique systems relying on TLS, we can't cover all upgrade paths, but here are a few references that may help:

enhancement

CertCentral Services API: Updated error message documentation

In the Services API documentation, we've updated the Errors page to include descriptions for error messages related to:

  • Immediate DV certificate issuance
  • Domain control validation (DCV)
  • Certificate Authority Authorization (CAA) resource record checks

Earlier this year, we improved the APIs for DV certificate orders and DCV requests to provide more detailed error messages when DCV, file authorization, DNS lookups, or CAA resource record checks fail. Now, when you receive one of these error messages, check the Errors page for additional troubleshooting information.

For more information:

compliance

Fin de la prise en charge des navigateurs pour TLS 1.0 et 1.1

En 2020, les quatre principaux navigateurs mettront fin à la prise en charge de la sécurité de Transport Layer Security (TLS) 1.0 et 1.1.

Ce changement n'affecte pas vos certificats DigiCert. Vos certificats continueront à fonctionner comme ils l'ont toujours fait.

Ce que vous devez savoir

Ce changement affecte les services et les applications dépendantes du navigateur qui reposent sur TLS 1.0 ou 1.1. Une fois que les navigateurs ne prendront plus en charge TLS 1.0 ou 1.1, ces systèmes dépassés ne pourront plus établir de connexions HTTPS.

Ce que vous devez faire

Si vous êtes concerné par ce changement, prévoyez d'activer ou de mettre à niveau vers TLS 1.2 ou TLS 1.3 dès maintenant. Prévoyez le temps nécessaire pour régler les problèmes éventuels. Avant de commencer, veillez à identifier tous les systèmes susceptibles d'utiliser TLS 1.0 ou 1.1.

N'oubliez pas de vérifier les serveurs web comme Apache ou Microsoft IIS, .NET Framework, les agents de surveillance des serveurs et les autres applications commerciales qui pourraient y recourir.

Ressources utiles

Compte tenu du grand nombre de types de systèmes différents reposant sur le TLS, nous ne pouvons pas couvrir toutes les voies de mise à niveau disponibles, mais voici quelques références qui peuvent vous aider :