Enterprise PKI Manager
New
Certificate Profile
Support for a new Authentication Method called SAML IdP and new field Source named
SAML Assertionto support the new SAML use-case.An online self-signed Root CA can now be selected as the Issuing CA when creating a certificate profile.
New Certificate Template - SEC Infrastructure Certificate
New template to support specific requirements to issue Infrastructure ECDSA certificates to Smart Energy Code (SEC) subscribers to authenticate to PKI services. Also renamed the
DCC Organization Certificatetemplate toSEC Organization Certificate.
Enhancements
SAML 2.0
Support for certificate requests being authenticated by a customer SAML Identity Provider (SAML IdP) before sending DigiCert a signed SAML Assertion used to authorize the request or issuance of a certificate. The supported Enrollment Methods for this use-case (SAML IdP authentication method) are:
For the "Generic User" template:
DigiCert Desktop Client,Browser PKCS12andCSRFor the "Generic Device" template:
Browser PKCS12andCSRFor the "Generic Private Server" template:
CSR
Once a profile is saved, you will be able to view or download the DigiCert SAML Service Provider (SP) configuration data, which is required to configure your SAML IdP solution, and enroll for certificates via SP or IdP-initiated flows.
Enhanced the Audit Logs page to trap SAML failure events, which helps with SAML troubleshooting.
UX Redesign
Redesign of Profile Lists page.
Fixes
Incorrect valid-to certificate date displayed within Seats Lists page.
Not able to download multiple certificates in bulk via a ZIP fle.
Removed empty line from PEM-encoded certificates, when last line in the Base64-encoded response reached 64 characters.
Removal of Basic Constraints extension (delivered in previous release for "External Private CA" template), from already saved profiles using a different template.