Avril 23, 2020
Discovery now available in all CertCentral accounts
We are happy to announce that all existing CertCentral accounts now include Discovery, our newest and most robust certificate discovery tool.
Note: For those who were using Certificate Inspector, Discovery replaces our long time DigiCert tool, Certificate Inspector.
By default, Discovery includes Cloud scan and a Sensor scan trial with a 100-certificate limit.
Cloud scan
Cloud scan uses a cloud-based sensor, so there is nothing to install or manage. You can start scanning immediately to find all your public facing SSL/TLS certificates regardless of issuing Certificate Authority (CA). Cloud-scan runs once every 24 hours.
- To learn more, see Discovery Cloud-scan service.
- To run your first cloud scan, in the left main menu, go to Discovery > Manage Discovery. On the Manage scans page, click Single cloud scan.
Sensor scan
Sensor scan is our most robust version of Discovery. It uses sensors to scan your network to quickly find all your internal and public facing SSL/TLS certificates regardless of the issuing Certificate Authority (CA). Discovery also identifies problems in certificate configurations and implementations along with certificate-related vulnerabilities or problems in your endpoint configurations.
Scans are centrally configured and managed from inside your CertCentral account. Scan results are displayed in an intuitive and interactive dashboard inside CertCentral. Configure scans to run once or multiple times on a set schedule.
- To learn how to install a sensor and start scanning your SSL/TLS certificate landscape, see Discovery user guide.
- To continue to use Sensor scan after the trial period is over, please contact your account manager or our Support team.
Discovery audit logs
Discovery has added a new feature—Discovery Audit Logs—allowing you to track Discovery-related activities in your CertCentral account. These audit logs provide insight into user activity enabling you to see areas where training may be required, reconstruct events to troubleshoot problems, detect misuse, and discover problem areas.
To make it easier to sort through the information in the Discover audit logs, we've include several filters:
- Date range
- Division
- User
- IP Address
- Actions
(e.g., void sensor, delete scan, etc.)
To access the Discovery Audit Log, in your CertCentral account, in the left main menu, go to Account > Audit Logs. On the Audit Logs page, click Discovery Audit Logs.
Discovery language support
As we work to globalize our product offerings and make our websites, platforms, and documentation more accessible, we are happy to announce that we've added language support to Discovery in CertCentral.
Now, when configuring your language preference in CertCentral, Discovery is included in the configuration.
To configure your language preference
In your account, in the top right corner, in the "your name" drop-down list, select My Profile. On the Profile Settings page, in the Language dropdown, select a language and click Save Changes.
Bug fix: DV certificate orders did not honor Submit base domains for validation account setting
We fixed a bug in the DV certificate domain control validation (DCV) process where DV certificate orders did not adhere to the Submit base domains for validation account setting.
Note: For DV certificate orders, you were required to validate the domain exactly as named in the order.
Now, DV certificate orders honor the Submit base domains for validation account setting, allowing you to validate your subdomains at the base domain level on your DV certificate orders.
To view the Domain Validation Scope settings in your account, go to Settings > Preferences. On the Division preferences page, expand +Advanced Settings. The Domain Validation Scope settings are in the Domain Control Validation (DCV) section.
Mars 12, 2020
Updates to the Domain details page
We simplified the Domain Validation section on the Domain details page to display only two validation types with their expiration dates: OV and EV. We also updated the page to show the domain validation expiration dates calculated from when the Domain Control Verification (DCV) was completed (OV: +825 days, EV: +13 months).
Note: Previously, you could see up to two other validation types: Grid and Private. Grid certificates have the same validity period as OV: 825 days. Domain validation is not required for private certificates as these certificates are not publicly trusted.
To view a domain's validation expiration dates, in the left main menu, go to Certificates > Domains. On the Domains page, locate the domain and click its Domain Name link. On the Domain details page, under Domain Validation, view your domain validations and when they expire.
CertCentral Services API: Improved List domains and Domain info endpoints
In the DigiCert Services API, we updated the List domains and Domain info endpoints, enabling you to see when the domain control validations (DCV) for the domain expire: OV and EV validations. This new information is only returned in the response if you include the URL query string include_validation=true.
Now, when you get a list of all domains or information about a specific domain and you include the URL query string include_validation=true, you can see when the DCVs for the domain expire.
Example requests with the URL query string:
- Domain info
https://www.digicert.com/services/v2/domain/{{domain_id}}? include_validation=true - List domains
https://www.digicert.com/services/v2/domain?include_validation=true
Example response – domain control validation (DCV) expiration dates
Removed "Pending" column from Domains page
We found a bug on the Domains page preventing us from providing accurate information about a domain's pending validations. As a temporary solution, we are removing the Pending column from the page until a permanent fix can be deployed.
To view if a domain has pending validations, in the left main menu, go to Certificates > Domains. On the Domains page, locate the domain and click its Domain Name link. On the Domain details page, under Domain Validation, check to see if the domain has pending validations: OV and EV.
Novembre 30, 2018
Nous avons corrigé un bogue affectant la page de détails d’une commande de certificat SSL en attente, qui brisait le lien vers les actions de validation du contrôle de domaine.
Désormais, lorsque vous accédez à la page de détails d’une commande de certificat en attente et que cliquez sur le lien du domaine en attente de validation, la fenêtre Prove Control Over Domain (Prouver le contrôle du domaine) s’ouvre pour vous permettre de choisir une méthode DCV.
Novembre 26, 2018
Nous avons corrigé un bogue affectant l’affichage des informations de validation de domaine. Les domaines dont les validations avait expiré affichaient un statut « Terminé » sans aucune action pour exécuter la validation du domaine.
Désormais, lorsque vous accédez à la page de détails d’une commande, un symbole de « validation en attente » s’affiche à côté du domaine avec des actions permettant de faire valider le domaine. (Dans le menu latéral, cliquez sur Certificate > Orders [Certificats > Commandes], puis sur la page Orders [Commandes], cliquez sur le numéro de commande.)
