Skip to main content

Allowlist IP addresses and URLs

The following table lists the current DigiCert ONE IP addresses and URLs for different locations. Add these to your allowlists and outbound firewall rules to make sure you can connect.

Location

URLs

IP addresses

Production

US

one.digicert.com

45.60.44.211

45.60.46.211

45.60.48.211

45.60.50.211

45.60.52.211

45.60.105.211

crl.one.digicert.com

216.168.244.38

ocsp.one.digicert.com

216.168.244.38

cacerts.one.digicert.com

216.168.244.38

JP

one.digicert.co.jp

crl.one.digicert.co.jp

ocsp.one.digicert.co.jp

Multiple IPs

CH

one.ch.digicert.com

crl.one.ch.digicert.com

ocsp.one.ch.digicert.com

cacerts.one.ch.digicert.com

91.240.105.35

NL

one.nl.digicert.com

crl.one.nl.digicert.com

ocsp.one.nl.digicert.com

cacerts.one.nl.digicert.com

202.65.16.35

Demo

US

demo.one.digicert.com

crl.demo.one.digicert.com

ocsp.demo.one.digicert.com

cacerts.demo.one.digicert.com

216.168.245.10

JP

demo.one.digicert.co.jp

crl.demo.one.digicert.co.jp

ocsp.demo.one.digicert.co.jp

20.191.175.140

CH

demo.one.ch.digicert.com

crl.demo.one.ch.digicert.com

ocsp.demo.one.ch.digicert.com

cacerts.demo.one.ch.digicert.com

91.240.105.29

NL

demo.one.nl.digicert.com

crl.demo.one.nl.digicert.com

ocsp.demo.one.nl.digicert.com

cacerts.demo.one.nl.digicert.com

202.65.16.34

Avis

  • All CRL/OCSP/CACERTS/AIA hosts use http (port 80).

  • All of the main domains like one.digicert.com and demo.one.digicert.com use https (port 443).

  • Add the domains:

    • Client Auth Domain (clientauth.one.digicert.com and clientauth.demo.one.digicert.com) on port 443.

    • LDAP Domain (directory.one.digicert.com and directory.demo.one.digicert.com) on port 389.

  • If you miss any IP addresses, use a command such as nslookup one.digicert.com to find the IP address to allow.