DigiCert X9 PKI for TLS certificate
Regulated by the ASC X9 standards body, DigiCert's X9 PKI for TLS certificate is governed by an independent certificate policy unaffiliated with the browsers, but that ensures interoperability by using a common root of trust. Your X9 PKI for TLS certificate can have both client and server authentication EKUs, meeting today's unique need for control, security, flexibility, and scalability with encryption, identity, and cross-certification capabilities. Learn more about X9 PKI and schedule a consultation.
The X9 PKI for TLS certificate is ideal for organizations relying on TLS certificates for host-to-host communications like mutual TLS (mTLS), APIs, and other non-web browser use cases.
Importante
Don’t see the X9 PKI for TLS certificate in CertCentral?
To enable DigiCert's X9 PKI for TLS certificate for your CertCentral account, contact your account representative or DigiCert Support today.
Features:
Includes the server authentication and client authentication extended key usages (EKUs) by default
Option to include only one EKU: client authentication or server authentication.
Includes the digital signature key usage with an option to include the key encipherment KU (RSA CSR) or key agreement KU (ECC CSR).
Secure up to 250 domains/IP addresses on one certificate
DigiCert’s X9 PKI for TLS certificate only supports fully qualified domain names and IP addresses. You cannot include a wildcard domain in your certificate.
Available in RSA and ECC algorithms by providing an RSA CSR or ECC CSR
Supports RSA 2048, 3072, and 4096 key lengths
Supports ECC p-256 and p-384 key lengths
Note: For the initial release of our X9 PKI for TLS certificate, we issue our ECC certificates from RSA intermediate CA certificates.
Comes with unlimited free reissues and duplicates for the life of the certificate
Meets Accredited Standards Committee X9 requirements and standards