Dicembre 31, 2022
DIGICERT 2022 MAINTENANCE SCHEDULE
To make it easier to plan your certificate-related tasks, we scheduled our 2022 maintenance windows in advance. See DigiCert 2022 scheduled maintenance—this page is updated with all current maintenance schedule information.
With customers worldwide, we understand there is not a "best time" for everyone. However, after reviewing the data on customer usage, we selected times that would impact the fewest amount of our customers.
About our maintenance schedule
- Maintenance is scheduled for the first weekend of each month unless otherwise noted.
- Each maintenance window is scheduled for 2 hours.
- Although we have redundancies to protect your service, some DigiCert services may be unavailable.
- All normal operations will resume once maintenance is completed.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
If you need more information regarding these maintenance windows, contact your account manager or DigiCert support team.
Luglio 9, 2022
Upcoming Schedule Maintenance
Some DigiCert services will be down for a total of 20 minutes during scheduled maintenance on July 9, 2022, 22:00 – 24:00 MDT (July 10, 2022, 04:00 – 06:00 UTC).
Infrastructure-related maintenance downtime
The services listed below will be down for a total of 20 minutes while we perform our infrastructure-related maintenance. The downtime consists of two 10-minute windows, one at the start and one at the end of the infrastructure-related work:
- Start: 22:00 – 22:10 MDT (UTC -6)
- End: 23:30 – 23:40 MDT (UTC -6)*
*The plan is to end our maintenance at approximately 23:30 MDT (UTC –6). However, if issues occur, we will need to end this work early, which means the second downtime may happen earlier than planned.
Affected services
CertCentral® / Services API
- Unable to access your CertCentral account.
- Services API will be unable to process requests.
- APIs will return a "503 Service is unavailable" error.
- Resubmit failed requests after services are restored.
CertCentral Automation / API
- Reschedule automation events around maintenance.
- If automation events cannot be rescheduled, retry failed events after services are restored.
Discovery / API
- Reschedule Discovery scans around maintenance.
- If scans cannot be rescheduled, retry failed scans after services are restored.
Direct Cert Portal / API
- Unable to access your Direct Cert Portal account
- Direct Cert Portal API will be unable to process requests.
- APIs will return a "503 Service is unavailable" error.
- Resubmit failed requests after services are restored.
QuoVadis® TrustLink® certificate issuance
- TrustLink certificate requests submitted during this time will be delayed
- Requests will be queued and processed after services are restored
PKI Platform 8 new domain and organization validation
- New domains submitted for validation during this time will be delayed.
- New organizations submitted for validation during this time will be delayed.
- Requests will be queued and processed after services are restored.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2022 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
Maggio 31, 2022
CertCentral Services API: Improved Order info API response
Update: To give API consumers more time to evaluate the impact of the Order info API response changes on their integrations, we are postponing this update until May 31, 2022. We originally planned to release the changes described below on April 25, 2022.
On May 31, 2022, DigiCert will make the following improvements to the Order info API. These changes remove unused values and update the data structure of the order details object to be more consistent for orders in different states across product types.
For more information and response examples for public TLS, code signing, document signing, and Class 1 S/MIME certificates, see the reference documentation for the Order info endpoint.
If you have questions or need help with these changes, contact your account representative or DigiCert Support.
Need to test your API integration?
To help CertCentral Services API consumers evaluate the impact of these changes, DigiCert is providing a beta server for API consumers to test their integrations prior to the May 31, 2022 release. To learn more, see our knowledge base article: DigiCert CertCentral Services API beta server.
General enhancements
The following changes apply to orders for various certificate types irrespective of order status.
Removed parameters:
public_id(string)
For all orders, the API will stop returning thepublic_idparameter. DigiCert no longer supports the Express Install workflow that required apublic_idvalue.certificate.ca_cert_id(string)
For DV certificate orders, the API will stop returning theca_cert_idparameter. The value of this parameter is an internal ID for the issuing ICA certificate and cannot be used externally. The API already excludes theca_cert_idparameter from the order details for other product types.
To get the name and public ID of the issuing ICA certificate associated with the order, use theca_certobject instead.verified_contacts(array of objects)
For document signing certificate orders, the API will stop returning theverified_contactsarray. The API already excludes theverified_contactsarray from the order details for other product types.certificate.dns_names(array of strings)
If there are no DNS names associated with the order (for example, if the order is for a code signing, document signing, or Class 1 S/MIME certificate), the API will stop returning thedns_namesarray.
Before, the API returned adns_namesarray with an empty string:[" "]certificate.organization_units(array of strings)
If there are no organization units associated with the order, the API will stop returning anorganization_unitsarray.
Before, for some product types, the API returned anorganization_unitsarray with an empty string:[" "]certificate.cert_validity
In thecert_validityobject, the API will only return a key/value pair for the unit used to set the certificate validity period when the order was created. For example, if the validity period of the certificate is for 1 year, thecert_validityobject will return ayearsparameter with a value of 1.
Before, thecert_validityobject sometimes returned values for bothdaysandyears.
Added parameters:
order_validity(object)
For code signing, document signing, and client certificate orders, the API will start returning anorder_validityobject.
Theorder_validityobject returns thedays,years, orcustom_expiration_datefor the order validity period. The API already includes anorder_validityobject in the order details for public SSL/TLS products.payment_profile(object)
For DV certificate orders, if the order is associated with a saved credit card, the API will start returning apayment_profileobject. The API already includes apayment_profileobject in the order details for other product types.server_licensesFor DV certificate orders, the API will start returning theserver_licensesparameter. The API already includes theserver_licensesparameter in the order details for other product types.
Unapproved order requests
The following changes apply only to certificate order requests that are pending approval or that have been rejected. These changes bring the data structure of the response closer to what the API returns after the request is approved and the order is submitted to DigiCert for validation and issuance.
To manage unapproved and rejected requests, we recommend using the Request endpoints (/request) instead of retrieving the order details. We designed the /request endpoints to manage pending and rejected certificate order requests, and these endpoints remain unchanged.
Note: For quicker certificate issuance, we recommend using a workflow that skips or omits the request approval step for new certificate orders. If your API workflow already skips or omits the approval step, you can safely ignore the changes below. Learn more about removing the approval step:
- Best practices – Always include skip_approval parameter
- Remove the approval step from the certificate order process
Added parameters:
disable_ct(boolean)allow_duplicates(boolean)cs_provisioning_method(string)
Removed parameters:
server_licenses(integer)
For unapproved order requests, the API will stop returning theserver_licensesparameter. The API will continue including theserver_licensesparameter in order details for approved order requests.
Improved organization object
To provide a consistent data structure in the order details for unapproved and approved order requests, the API will return a modified organization object on unapproved order requests for some product types.
The API will stop returning the following unexpected properties on unapproved order requests for all product types:
organization.status(string)organization.is_hidden(boolean)organization.organization_contact(object)organization.technical_contact(object)organization.contacts(array of objects)
The API will start returning the following expected properties, if existing, on unapproved order requests for all product types:
organization.name(string)organization.display_name(string)organization.assumed_name(string)organization.city(string)organization.country(string)
To get organization details not included in the Order info response, use the Organization info API endpoint.
Maggio 19, 2022
CertCentral: Update organization and technical contacts from the organization's details page
We are happy to announce you can now manage your organization and technical contacts from your organization's details page. This new feature allows you to replace incorrect contacts anytime.
Note: Before, you could only view the existing organization and technical contacts when visiting the organization's details page. The only way to replace an organization or technical contact was when requesting a TLS certificate.
The next time you visit an organization's details page, you can update the organization contact and technical contact for the organization. After editing a contact, you will see the new contact information the next time you order a certificate that includes organization and technical contacts.
Items to note when replacing contacts:
- Replacing a contact is not retroactive and does not affect existing certificate orders, issued or pending.
- Replacing the organization contact does not affect the organization validation. However, we will contact the organization directly to verify the new organization contact.
See for yourself
- In your CertCentral account, in the left main menu, go to Certificates > Organizations.
- On the Organizations page, select the name of the organization.
- On the organization's details page, you can now replace the organization contact and add, delete, and replace the technical contact.
Learn more:
CertCentral Services API: Update organization and technical contacts
To help you manage the organization and technical contacts for your organizations in your API integrations, we added the following endpoints to the CertCentral Services API:
- Organization and technical contact info
Get details about the organization contact and technical contact associated with an organization. - Update organization and technical contact
Update or replace the organization contact and technical contact associated with an organization.
Maggio 7, 2022
Upcoming Schedule Maintenance
Update: There is no planned downtime during maintenance on May 7, MDT (May 8, UTC).
DigiCert will perform scheduled maintenance on May 7, 2022, between 22:00 – 24:00 MDT (May 8, 2022, between 04:00 – 06:00 UTC). Although we have redundancies to protect your services, some DigiCert services may be unavailable during this time.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- See the DigiCert 2022 maintenance schedule for maintenance dates and times.
Services will be restored as soon as we complete the maintenance.
Aprile 11, 2022
CertCentral Services API: Domain locking API endpoints
DigiCert is happy to announce our domain locking feature is now available in the CertCentral Services API.
Note: Before you can use the domain locking endpoints, you must first enable domain locking for your CertCentral account. See Domain locking – Enable domain locking for your account.
New API endpoints
- Activate domain locking
Activate domain locking for a given domain. - Deactivate domain locking
Deactivate domain locking for a given domain. - Check CAA (domain lock)
Check a given domain's DNS CAA resource record for a domain lock account token.
Updated API endpoints
We updated the response for the Domain info and List domains endpoints to include the following parameters with domain lock details:
domain_locking_status(string)
Domain lock status. Only returned if domain locking is enabled for the account.account_token(string)
Domain lock account token. Only returned if domain locking is enabled for the account, and if domain locking has been activated for the domain at least once.
To learn more, see:
Aprile 2, 2022
Upcoming Schedule Maintenance
DigiCert will perform scheduled maintenance on April 2, 2022, between 22:00 – 24:00 MDT (April 3, 2022, between 04:00 – 06:00 UTC). During this time, some services may be down for up to two hours.
Note: Maintenance will be one hour earlier for those who don't observe daylight savings.
Infrastructure-related maintenance downtime
We will start this infrastructure-related maintenance at 22:00 MDT (04:00 UTC). Then the services listed below may be down for up to two hours.
CertCentral® TLS certificate issuance:
- TLS certificate requests submitted during this time will fail
- Failed requests should be resubmitted after services are restored
CIS and CertCentral® SCEP:
- Certificate Issuing Service (CIS) will be down
- CertCentral Simple Certificate Enrollment Protocol (SCEP) will be down
- Requests submitted during this time will fail
- CIS APIs will return a "503 Service is unavailable" error
- Failed requests should be resubmitted after services are restored
Direct Cert Portal new domain and organization validation:
- New domains submitted for validation during this time will fail
- New organizations submitted for validation during this time will fail
- Failed requests should be resubmitted after services are restored
QuoVadis® TrustLink® certificate issuance:
- TrustLink certificate requests submitted during this time will be delayed
- Requests will be added to a queue for processing later
- Queued-up requests will be processed after services are restored
PKI Platform 8 new domain and organization validation:
- New domains submitted for validation during this time will fail
- New organizations submitted for validation during this time will fail
- Requests will be added to a queue for processing later
- Queued-up requests will be processed after services are restored
- Access to User Authorization Agent (UAA) services will be disabled: both the UAA Admin and User web portals
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2022 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
Marzo 10, 2022
CertCentral: DNS CNAME DCV method now available for DV certificate orders
In CertCentral and the CertCentral Services API, you can now use the DNS CNAME domain control validation (DCV) method to validate the domains on your DV certificate order.
Note: Before, you could only use the DNS CNAME DCV method to validate the domains on OV and EV certificate orders and when prevalidating domains.
To use the DNS CNAME DCV method on your DV certificate order:
- In CertCentral:
- When ordering a DV TLS certificate, you can select DNS CNAME as the DCV method.
- On the DV TLS certificate's order details page, you can change the DCV method to DNS CNAME Record.
- In the Services API:
- When requesting a DV TLS certificate, set the value of the dcv_method request parameter to dns‑cname‑token.
Note: The AuthKey process for generating request tokens for immediate DV certificate issuance does not support the DNS CNAME DCV method. However, you can use the File Auth (http‑token) and DNS TXT (dns‑txt‑token) DCV methods. To learn more, visit DV certificate immediate issuance.
To learn more about using the DNS CNAME DCV method:
- For CertCentral:
- For the Services API:
Marzo 8, 2022
CertCentral Services API: Improved List domains endpoint response
To make it easier to find information about the domain control validation (DCV) status for domains in your CertCentral account, we added these response parameters to domain objects in the List domains API response:
dcv_approval_datetime: Completion date and time of the most recent DCV check for the domain.last_submitted_datetime: Date and time the domain was last submitted for validation.
For more information, see the reference documentation for the List domains endpoint.
Marzo 5, 2022
Upcoming Schedule Maintenance
DigiCert will perform scheduled maintenance on March 5, 2022, between 22:00 – 24:00 MST (March 6, 2022, between 05:00 – 07:00 UTC). During this time, some services may be down for up to two hours.
Infrastructure-related maintenance downtime
We will start this infrastructure-related maintenance at 22:00 MST (05:00 UTC). Then the services listed below may be down for up to two hours.
CertCentral™ TLS certificate issuance:
- TLS certificate requests submitted during this time will fail
- Failed requests should be resubmitted after services are restored
CIS and CertCentral™ SCEP:
- Certificate Issuing Service (CIS) will be down
- CertCentral Simple Certificate Enrollment Protocol (SCEP) will be down
- Requests submitted during this time will fail
- CIS APIs will return a "503 Service is unavailable" error
- Failed requests should be resubmitted after services are restored
Direct Cert Portal new domain and organization validation:
- New domains submitted for validation during this time will fail
- New organizations submitted for validation during this time will fail
- Failed requests should be resubmitted after services are restored
QuoVadis™ TrustLink™ certificate issuance:
- TrustLink certificate requests submitted during this time will be delayed
- Requests will be added to a queue for processing later
- Queued-up requests will be processed after services are restored
PKI Platform 8 new domain and organization validation:
- New domains submitted for validation during this time will fail
- New organizations submitted for validation during this time will fail
- Requests will be added to a queue for processing later
- Queued-up requests will be processed after services are restored
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2022 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
Febbraio 17, 2022
CertCentral: Improved verified contact EV TLS certificate request approval process
In CertCentral and the CertCentral Services API, we updated the EV TLS certificate request process to only send the EV TLS request approval emails to the verified contacts you include on the certificate request.
Note: Before, when you requested an EV TLS certificate, we sent the EV order approval email to all the verified contacts for the organization.
Add verified contacts to an EV TLS certificate request:
- CertCentral
When requesting an EV TLS certificate, you can:- Keep the existing verified contacts assigned to the organization
- Remove contacts (at least one is required)
- Add new contacts (we must validate each new contact, which may delay certificate issuance).
- Services API
When requesting an EV TLS certificate, include the verified contacts in theorganization.contactsarray of the JSON request. For verified contacts, the value of thecontact_typefield isev_approver.
To learn more about EV TLS certificate requests:
- For CertCentral, see Order an EV SSL/TLS certificate.
- For Services API, see Order Basic EV, Order Secure Site EV, and Order Secure Site Pro EV.
Febbraio 12, 2022
Upcoming Scheduled Maintenance
DigiCert will perform scheduled maintenance on February 12, 2022, between 22:00 – 24:00 MST (February 13, 2022, between 05:00 – 07:00 UTC). Although we have redundancies to protect your services, some DigiCert services may be unavailable during this time.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- If you use the APIs for immediate certificate issuance and automated tasks, expect interruptions.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2022 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
Expanding Range of IP Addresses Used for DigiCert Services
As part of our scheduled maintenance on February 12, 2022, 22:00 – 24:00 MST (February 13, 2022, 05:00 - 07:00 UTC), DigiCert is expanding the range of IP addresses we use for our services. These additional IP addresses are part of our efforts to increase service uptime and reduce the need for service downtime during scheduled maintenance.
What do I need to do?
If your company uses allowlists*, update them to include the block of IP addresses listed below by February 12, 2022, to keep your DigiCert services and API integrations running as expected.
*Note: Allowlists are lists for firewalls that only allow specified IP addresses to perform certain tasks or connect to your system.
New range of IP addresses
Add this range of IP addresses to your allowlist: 216.168.240.0/20
Note: We are not replacing or removing any IP addresses. We are only expanding the range of IP Addresses we use to deliver our services.
Affected services:
- CertCentral/Services API
- ACME
- Discovery/API
- Discovery sensor firewall settings
- ACME Automation/API
- Certificate Issuing Service (CIS)
- Simple Certificate Enrollment Protocol (SCEP)
- API access URL
- Direct Cert Portal/API
- DigiCert website
- Validation services
- PKI Platform 8
- PKI Platform 7 (Japan and Australia)
- QuoVadis TrustLink
- DigiCert ONE
- Account Manager
- CA Manager
- IoT Device Manager
- Document Signing Manager
- Secure Software Manager
- Enterprise PKI Manager
- Automation Manager
For easy reference, see our knowledgebase article, Expanding Range of IP Addresses for DigiCert Services. If you have questions, please contact your account manager or DigiCert Support.
Febbraio 9, 2022
CertCentral Services API: Domain info enhancement
We updated the Domain info API response to include the expiration_date parameter for the DCV token associated with the domain. Now, when you call the Domain info API and set the value of the include_dcv query parameter to true, the dcv_token object in the response includes the expiration_date of the DCV token for the domain.
Gennaio 24, 2022
Improved Domains page, Validation status filter—Completed / Validated
On the Domains page, in the Validation status dropdown, we updated the Completed / Validated filter to make it easier to find domains with completed and active domain control validation (DCV).
Note: Before, when you searched for domains with Completed / Validated DCV, we returned all domains with completed DCV even if the domain validation had expired.
Now, when you search for domains with Completed / Validated DCV, we only return domains with completed and active DCV in your search results. To find domains with expired DCV, use the Expired filter in the Validation status dropdown.
Find domains with completed and active DCV
- In CertCentral, in the left main menu, go to Certificates > Domains.
- On the Domains page, in the Validation status dropdown, select Completed / Validated.
CertCentral Services API: List domains enhancement
For the List domains API, we updated the filters[validation]=completed filter to make it easier to find domains validated for OV or EV certificate issuance.
Before, this filter returned all domains with completed DCV checks, even if the domain validation had expired. Now, the filter only returns domains with an active OV or EV domain validation status
Gennaio 8, 2022
Upcoming Scheduled Maintenance
DigiCert will perform scheduled maintenance on January 8, 2022, between 22:00 – 24:00 MST (January 9, 2022, between 05:00 – 07:00 UTC). Although we have redundancies to protect your service, some DigiCert services may be unavailable during this time.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- If you use the APIs for immediate certificate issuance and automated tasks, expect interruptions.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2022 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
Dicembre 31, 2021
Per semplificare la pianificazione delle tue attività correlate al certificato, abbiamo programmato anticipatamente i nostri periodi di manutenzione 2021. Consulta Manutenzione programmata DigiCert 2021—questa pagina viene mantenuta aggiornata con tutte le informazioni sul programma di manutenzione.
Con i clienti in tutto il mondo, capiamo che non esiste un periodo migliore per tutti. Tuttavia, dopo aver analizzato i dati sull’utilizzo da parte dei clienti, abbiamo scelto dei periodi che avranno il minimo impatto sui nostri clienti.
Informazioni sul nostro programma di manutenzione
- La manutenzione viene programmata per il primo week-end di ciascun mese, se non diversamente indicato.
- Ciascun periodo di manutenzione viene programmato per 2 ore.
- Sebbene abbiamo applicato delle ridondanze per proteggere il tuo servizio, alcuni servizi DigiCert potrebbero essere non disponibili.
- Tutte le normali operazioni riprenderanno una volta completata la manutenzione.
Se ti servono ulteriori informazioni relative a questi periodi di manutenzione, contatta il tuo account manager o il team di assistenza DigiCert. Per ricevere aggiornamenti diretti, iscriviti alla pagina Stato DigiCert.
Dicembre 7, 2021
CertCentral Report Library now available
We are happy to announce the CertCentral Report Library is now available for CertCentral Enterprise and CertCentral Partner.* The Report Library is a powerful reporting tool that allows you to download more than 1000 records at a time. Use the Report Library to build, schedule, organize, and export reports to share and reuse.
The Report Library includes six customizable reports: Orders, Organizations, Balance history, Audit log, Domains, and Fully qualified domain names (FQDN). When building reports, you control the details and information that appear in the report, configure the columns and column order, schedule how often you want the report to run (once, weekly, or monthly), and choose the report format (CSV, JSON, or Excel). In addition, you receive notices when the report is ready for download in your account.
To build your first report:
- In your CertCentral account, in the main menu, select Reports*.
Note: To use the Report Library, you must be a CertCentral administrator. CertCentral Managers, Finance Managers, Standard Users, and Limited Users do not have access to Reports in their accounts. - On the Report library page, select Build a report.
To learn more about building reports:
*Note: Don't see the Report Library in your account? Contact your account manager or our support team for help.
CertCentral Report Library API also available
We're pleased to announce the release of the CertCentral Report Library API! This new API service makes it possible to leverage key features of the Report Library in your CertCentral API integrations, including building reports and downloading report results*.
See our Report Library API documentation to learn more about including the Report Library in your API integrations.
*Note: To use the CertCentral Report Library API, Report Library must be enabled for your CertCentral account. For help activating the Report Library, contact your account manager or our support team.
Bugfix: Unique organization name check did not include assumed name
We updated our unique organization name check to include the assumed name (doing business as name) when creating an organization.
Before, in CertCentral and the CertCentral Services API, when you tried to create an organization with the same name as an existing organization, we returned an error and would not let you create the organization, even if the assumed name (DBA) was different.
Now, when you create an organization, we include the assumed name in the unique organization check. Therefore, you can create organizations with the same name, as long as each organization has a unique assumed name.
For example:
- First organization: No assumed name
- Name: YourOrganization
- Assumed name:
- Second organization: Name plus unique assumed name
- Name: YourOrganization
- Assumed name: OrganizationAssumedName
Creating organizations
In CertCentral and the CertCentral Services API, you can create an organization to submit for prevalidation or when you order a TLS/SSL certificate. This change applies to both processes.
CertCentral: DigiCert now issues client certificates from the DigiCert Assured ID Client CA G2 intermediate CA certificate
To remain compliant with industry standards, DigiCert had to replace the intermediate CA (ICA) certificate used to issue CertCentral client certificates.
CertCentral client certificate profiles that used the DigiCert SHA2 Assured ID CA intermediate CA certificate now use the DigiCert Assured ID Client CA G2 intermediate CA certificate. This change also changes the root certificate from DigiCert Assured ID Root CA to DigiCert Assured ID Root G2.
Old ICA and root certificates
- (ICA) DigiCert SHA2 Assured ID CA
- (Root) DigiCert Assured ID Root CA
New ICA and root certificates
- (ICA) DigiCert Assured ID Client CA G2
- (Root) DigiCert Assured ID Root G2
For more information, see DigiCert ICA Update. To download a copy of the new intermediate CA certificate, see DigiCert Trusted Root Authority Certificates.
Do you still need your client certificate to chain to the DigiCert Assured ID Root CA certificate? Contact your account representative or DigiCert Support.
Dicembre 4, 2021
Upcoming Scheduled Maintenance
DigiCert will perform scheduled maintenance on December 4, 2021, between 22:00 – 24:00 MST (December 5, 2021, between 05:00 – 07:00 UTC). Although we have redundancies to protect your service, some DigiCert services may be unavailable during this time.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
Novembre 16, 2021
Industry changes to file-based DCV (HTTP Practical Demonstration, file auth, file, HTTP token, and HTTP auth)
To comply with new industry standards for the file-based domain control validation (DCV) method, you can only use the file-based DCV to demonstrate control over fully qualified domain names (FQDNs), exactly as named.
To learn more about the industry change, see Domain validation policy changes in 2021.
How does this affect me?
As of November 16, 2021, you must use one of the other supported DCV methods, such as Email, DNS TXT, and CNAME, to:
- Validate wildcard domains (*.example.com)
- To include subdomains in the domain validation when validating the higher-level domain. For example, if you want to cover www.example.com, when you validate the higher-level domain, example.com.
- Prevalidate entire domains and subdomains.
To learn more about the supported DCV method for DV, OV, and EV certificate requests:
CertCentral: Pending certificate requests and domain prevalidation using file-based DCV
Pending certificate request
If you have a pending certificate request with incomplete file-based DCV checks, you may need to switch DCV methods* or use the file-based DCV method to demonstrate control over every fully qualified domain name, exactly as named, on the request.
*Note: For certificate requests with incomplete file-based DCV checks for wildcard domains, you must use a different DCV method.
To learn more about the supported DCV methods for DV, OV, and EV certificate requests:
- Supported DCV methods for validating domains on certificate OV and EV certificate requests
- Supported DCV methods for validating the domains on DV SSL certificate orders
Domain prevalidation
If you plan to use the file-based DCV method to prevalidate an entire domain or entire subdomain, you must use a different DCV method.
To learn more about the supported DCV methods for domain prevalidation, see Supported domain control validation (DCV) methods for domain prevalidation.
CertCentral Services API
If you use the CertCentral Services API to order certificates or submit domains for prevalidation using file-based DCV (http-token), this change may affect your API integrations. To learn more, visit File-based domain control validation (http-token).
Novembre 6, 2021
Upcoming Schedule Maintenance
DigiCert will perform scheduled maintenance on November 6, 2021, between 22:00 – 24:00 MDT (November 7, 2021, between 04:00 – 06:00 UTC).
CertCentral infrastructure-related maintenance downtime
We will start this infrastructure-related maintenance between 22:00 and 22:10 MDT (04:00 and 04:10 UTC). Then, for approximately 30 minutes, the following services will be down:
DV certificate issuance for CertCentral, ACME, and ACME agent automation
- DV certificate requests submitted during this time will fail
- APIs will return a "cannot connect" error
- Failed requests should be resubmitted after services are restored
CIS and SCEP
- Certificate Issuing Service (CIS) will be down
- Simple Certificate Enrollment Protocol (SCEP) will be down
- DigiCert will be unable to issue certificates for CIS and SCEP
- APIs will return a "cannot connect" error
- Requests that return "cannot connect" errors should be resubmitted after services are restore
QuoVadis TrustLink certificate issuance
- TrustLink certificate requests submitted during this time will fail
- However, failed requests will be added to a queue for processing later
- Queued-up requests will be processed after services are restored, as required
This maintenance only affects DV certificate issuance, CIS, SCEP, and TrustLink certificate issuance. It does not affect any other DigiCert platforms or services .
PKI Platform 8 maintenance
We will start the PKI Platform 8 maintenance at 22:00 MDT (04:00 UTC). Then, for approximately 30 minutes, the PKI Platform 8 will experience service delays and performance degradation that affect:
- Signing in and using your PKI Platform 8 to perform in-console certificate lifecycle tasks.
- Using any of your PKI Platform 8 corresponding APIs or protocols (for example, SOAP, REST, SCEP, and EST) to perform certificate lifecycle operations.
- Performing certificate lifecycle tasks/operations:
- Enrolling certificates: new, renew, or reissues
- Adding domains and organizations
- Submitting validation requests
- Viewing reports, revoking certificates, and creating profiles
- Adding users, viewing certificates, and downloading certificates
- Certificate issuance for PKI Platform 8 and its corresponding API.
Additionally:
- APIs will return a "cannot connect" error.
- Certificate enrollments that receive "cannot connect" errors must be resubmitted after DigiCert restores services.
The PKI Platform 8 maintenance only affects PKI Platform 8. It does not affect any other DigiCert platforms or services.
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
Ottobre 2, 2021
Upcoming Schedule Maintenance
On October 2, 2021, between 22:00 – 24:00 MDT (October 3, 2021, between 04:00 – 06:00 UTC), DigiCert will perform scheduled maintenance.
CertCentral, CIS, SCEP, Direct Cert Portal, and DigiCert ONE maintenance
DigiCert will perform scheduled maintenance. Although we have redundancies to protect your service, some DigiCert services may be unavailable during this time.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
PKI Platform 8 maintenance and downtime:
DigiCert will perform scheduled maintenance on PKI Platform 8. During this time, the PKI Platform 8 and its corresponding APIs will be down for approximately 20 minutes.
We will start the PKI Platform 8 maintenance at 22:00 MDT (04:00 UTC).
Then, for approximately 20 minutes:
- You will be unable to sign in and use your PKI Platform 8 to perform in-console certificate lifecycle tasks.
- You will be unable to use any of your PKI Platform 8 corresponding APIs or protocols (for example, SOAP, REST, SCEP, and EST) to perform certificate lifecycle operations.
- You will be unable to:
- Enroll certificates: new, renew, or reissues
- Add domains and organizations
- Submit validation requests
- View reports, revoke certificates, and create profiles
- Add users, view certificates, and download certificates
- DigiCert will be unable to issue certificates for PKI Platform 8 and its corresponding API.
- APIs will return a "cannot connect" error.
- Certificate enrollments that receive "cannot connect" errors must be resubmitted after DigiCert restores services.
The PKI Platform 8 maintenance only affects PKI Platform 8. It does not affect any other DigiCert platforms or services.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
Settembre 11, 2021
Upcoming Schedule Maintenance
On September 11, 2021, between 22:00 – 24:00 MDT (September 12, 2021, between 04:00 – 06:00 UTC), DigiCert will perform scheduled maintenance.
CertCentral, CIS, SCEP, Direct Cert Portal, and DigiCert ONE maintenance
DigiCert will perform scheduled maintenance. Although we have redundancies to protect your service, some DigiCert services may be unavailable during this time.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
PKI Platform 8 maintenance and downtime:
DigiCert will perform scheduled maintenance on PKI Platform 8. During this time, the PKI Platform 8 and its corresponding APIs will be down for approximately 60 minutes.
We will start the PKI Platform 8 maintenance at 22:00 MDT (04:00 UTC).
Then, for approximately 60 minutes:
- You will be unable to sign in and use your PKI Platform 8 to perform in-console certificate lifecycle tasks.
- You will be unable to use any of your PKI Platform 8 corresponding APIs or protocols (for example, SOAP, REST, SCEP, and EST) to perform certificate lifecycle operations.
- You will be unable to:
- Enroll certificates: new, renew, or reissues
- Add domains and organizations
- Submit validation requests
- View reports, revoke certificates, and create profiles
- Add users, view certificates, and download certificates
- DigiCert will be unable to issue certificates for PKI Platform 8 and its corresponding API.
- APIs will return a "cannot connect" error.
- Certificate enrollments that receive "cannot connect" errors must be resubmitted after DigiCert restores services.
The PKI Platform 8 maintenance only affects PKI Platform 8. It does not affect any other DigiCert platforms or services.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete our maintenance.
Settembre 7, 2021
CertCentral Services API: Get orders by alternative order ID
We created a new endpoint to make it easier to get certificate order details using alternative order IDs: Get orders by alternative order ID. This endpoint returns the order ID, certificate ID, and order status of certificate orders with the alternative_order_id you provide in the URL path.
Luglio 12, 2021
Verified Mark Certificates available now.
Verified Mark Certificates (VMCs) are a new type of certificate that allow companies to place a certified brand logo next to the “sender” field in customer inboxes—visible before the message is opened—acting as confirmation of your domain’s DMARC status and your organization’s authenticated identity. Learn more about VMC certificates.
To disable or change availability of VMC in your account, visit the Product Settings page.
Note: If you do not see VMCs in your account, it may be because we are not offering the product to all account types yet. It is also possible that the product is available, but one of your CertCentral account’s administrators turned the product off in Product Settings.
CertCentral Services API: Verified Mark Certificate enhancements
To help you manage your Verified Mark Certificate (VMC) orders in your API integrations, we’ve made the following updates to the CertCentral Services API.
New endpoints:
- Order Verified Mark Certificate
We added a new endpoint—Order Verified Mark Certificate—you can use to create or renew a VMC order. - Update VMC order
We added a new endpoint—Update VMC order—you can use to update the trademark country code or registration number for a pending VMC order. - Validate VMC logo format (SVG or encoded)
We added two new endpoints—Validate logo format (SVG) and Validate logo format (encoded)—you can use to check if the format of an SVG file is compatible with the requirements for VMC. - Upload VMC logo (SVG or encoded)
We added two new endpoints—Upload VMC logo (SVG) and Upload VMC logo (encoded)—you can use to upload a logo for a pending VMC order. - Get VMC logo
We added a new endpoint—Get VMC logo—you can use to download the logo for a VMC order.
Updated endpoints:
- Order info
We updated the Order info endpoint to return a vmc object with the trademark country code, registration number, and logo information for VMC orders. - Email certificate
We updated the Email certificate endpoint to support emailing a copy of your issued VMC.
To learn more about managing VMC certificates from your API integrations, visit Verified Mark Certificate workflow.
Luglio 10, 2021
Upcoming schedule maintenance
On July 10, 2021, between 22:00 – 24:00 MDT (July 11, 2021, between 04:00 – 06:00 UTC), DigiCert will perform scheduled maintenance.
During maintenance, for approximately 60 minutes, the services specified below under Service downtime will be down. Due to the scope of the maintenance, the services specified below under Service interruptions may experience brief interruptions during a 10-minute window.
Service downtime
From 22:00 – 23:00 MDT (04:00 – 05:00 UTC), while we perform database-related maintenance, the following services will be down for up to 60 minutes:
- CertCentral / Services API
- Direct Cert Portal / API
- ACME
- Discovery / API
- ACME agent automation / API
API Note: Affected APIs will return “cannot connect” errors. Certificate-related API requests that return a “cannot connect” error message during this window will need to be placed again after services are restored.
Service interruptions
During a 10-minute window, while we perform infrastructure maintenance, the following DigiCert service may experience brief service interruptions:
- Certificate Issuing Service (CIS)
- Simple Certificate Enrollment Protocol (SCEP)
- DigiCert ONE
- Automation service
- CT Log monitoring
- Vulnerability assessment
- PCI compliance scans
Services not affected
These services are not affected by the maintenance activities:
- PKI Platform 8
- PKI Platform 7
- QuoVadis TrustLink
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance starts and when maintenance ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as the maintenance is completed.
Giugno 5, 2021
Upcoming scheduled maintenance
On June 5, 2021, between 22:00 – 24:00 MDT (June 6, 2021, between 04:00 – 06:00 UTC), DigiCert will perform scheduled maintenance. Although we have redundancies to protect your service, some DigiCert services may be unavailable during this time.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance starts and when maintenance ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
Giugno 3, 2021
CertCentral Services API: Improved domains array in OV/EV order response
To make it easier to see how the Services API groups the domains on your OV/EV TLS certificate orders for validation, we added a new response parameter to the endpoints for submitting certificate order requests: domains[].dns_name.*
The dns_name parameter returns the common name or SAN of the domain on the order. To prove you control this domain, you must have an active validation for the domain associated with the domains[].name and domains[].id key/value pairs.
Example OV certificate order
JSON payload:
JSON response:
The Services API returns the domains[].dns_name parameter in the JSON response for the following endpoints:
- Order SSL (type_hint)*
- Order OV/EV SSL
- Order Secure Site SSL
- Order Basic OV
- Order Basic EV
- Order Secure Site OV
- Order Secure Site EV
- Order Secure Site Pro SSL
- Order Secure Site Pro EV SSL
- Order Multi-year Plan*
*Note: Only order requests for OV/EV TLS certificates return a domains array.
Maggio 1, 2021
Upcoming scheduled maintenance
On May 1, 2021, between 22:00 – 24:00 MDT (May 2, 2021, between 04:00 – 06:00 UTC), DigiCert will perform scheduled maintenance.
For up to 10 minutes total during the 2-hour window, we will be unable to issue certificates for the DigiCert platforms, their corresponding APIs, immediate certificate issuance, and those using the APIs for other automated tasks.
Affected services:
- CertCentral / Service API
- ACME
- ACME agent automation / API
- Direct Cert Portal / API
- Certificate Issuing Service (CIS)
- Simple Certificate Enrollment Protocol (SCEP)
- QuoVadis TrustLink
Services not affected
- PKI Platform 8
- PKI Platform 7
- DigiCert ONE managers
API note:
- APIs will return "cannot connect" errors.
- Certificate requests submitted during this window that receive a "cannot connect" error message will need to be placed again after services are restored.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance starts and when maintenance ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
Aprile 29, 2021
CertCentral Services API: Domain validation status in Domain info response
To make it easier to get a comprehensive validation status for your domains, DigiCert is deprecating the status parameter in the Domain info response. To ensure you are getting complete and accurate status information for each different validation type on your domains, you should use the validations array when you call the Domain info endpoint from your API integrations instead.
Note: The Domain info endpoint will continue to return a status parameter value.
Background
In the Domain info response, the status parameter is designed to return a single string value. When DigiCert offered fewer products, a single value in the API was enough to represent the validation status for your domains.
Now, DigiCert offers certificate products that use many different types of validation. Different validation types have different requirements, and these requirements change as industry standards evolve. As DigiCert validates your domains for different types of certificate issuance, each type of validation that you request can be in a different state.
For example:
- The OV validation for a domain may be completed.
- The EV validation for the same domain may be expired.
As a result, DigiCert can no longer use a single value to return comprehensive information about the validation status for a domain.
Instead of relying on a single value, use the Domain info endpoint to request a validations array – a list of objects with status information for each type of validation on the domain. To get this data, include the query parameter include_validation=true when you submit your request.
For example:
Aprile 28, 2021
CertCentral Services API: Site seal enhancements
To help you manage your site seals in your API integrations, we’ve made the following updates to the CertCentral Services API:
- New endpoint: Upload site seal logo
We added a new endpoint – Upload site seal logo – you can use to upload your company logo for use with a DigiCert Smart Seal. This logo appears in the site seal on your website. Note: Only Secure Site and Secure Site Pro SSL/TLS certificates support the option to display your company logo in the site seal. - New endpoint: Update site seal settings
We added a new endpoint – Update site seal settings – you can use to change the appearance of your site seal and the information that displays on the site seal information page. - Updated endpoint: Get site seal settings
We updated the Site seal settings endpoint to return information about each property you can customize with the Update site seal settings endpoint.
Related topics:
Aprile 26, 2021
CertCentral Services API: Revoke certificate by serial number
To make it easier to manage certificates from your API integrations, we updated the Revoke certificate endpoint path to accept the certificate ID or the serial number of the certificate to revoke. Previously, the Revoke certificate endpoint path only accepted the certificate ID.
Example Revoke certificate path using the certificate ID:
https://www.digicert.com/services/v2/certificate/{{certificate_id}}/revoke
Example Revoke certificate path using the certificate serial number:
https://www.digicert.com/services/v2/certificate/{{serial_number}}/revoke
Aprile 3, 2021
Upcoming scheduled maintenance
On April 3, 2021, between 22:00 – 24:00 MDT (April 4, 2021, between 04:00 – 06:00 UTC), DigiCert will perform scheduled maintenance.
During maintenance, for up to 10 minutes, we will be unable to issue certificates for the DigiCert platforms, their corresponding APIs, immediate certificate issuance, and those using the APIs for other automated tasks.
Affected services
For approximately 10 minutes, DigiCert will be unable to issue certificates for these services and APIs:
- CertCentral / Service API
- ACME
- ACME agent automation / API
- Direct Cert Portal / API
- Certificate Issuing Service (CIS)
- Simple Certificate Enrollment Protocol (SCEP)
- QuoVadis TrustLink
Services not affected
These services are not affected by the maintenance activities:
- PKI Platform 8 / API
- PKI Platform 8 SCEP
- PKI Platform 7 / API
- PKI Platform 7 SCEP
- DigiCert ONE managers
API note:
- APIs will return "cannot connect" errors.
- Certificate requests submitted during this window that receive a "cannot connect" error message will need to be placed again after services are restored.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance starts and when maintenance ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
Marzo 17, 2021
CertCentral: New purchase order and invoice system
We are happy to announce that we are using a new purchase order and invoice system in CertCentral. We've made several changes to make it easier for you to manage your purchase orders and invoices.
The next time you sign in to CertCentral, you will see two new menu options under Finances: Pay Invoice and Purchase Orders and Invoices. Additionally, we now send all invoice emails from our new invoice system.
Pay invoices page
When you open the Pay invoice page, all invoices are preselected by default. You can choose to pay them all or select those you want to pay.
Note: If you use divisions with separate funds, when you open the Pay invoice page, all invoices for the top-level division are selected by default. Use the For dropdown to view the unpaid invoices by division in your account.
Purchase orders and invoices page
On the new Purchase orders and invoices page, you can create a purchase order (PO). In the Purchaseorders table, you can view pending and rejected POs. After we approve a PO, it becomes an invoice and moves to the Invoices table.
Note: If you use divisions with separate funds, you see the Purchase order and invoice summary page. When you click a division name, it opens the Purchase order and invoices page, where you can view the POs and invoices for that division.
In the Invoices column of the Invoices table, you can see the invoice number and the PO from which we generated it. You can download a copy of the invoice or pay the invoice. When you click Pay invoice, we take you to the Pay invoice page to pay the invoice and make the funds available in your account.
Existing PO and Invoice migration
- Autogenerated invoices
When we migrated our billing system, we did not migrate your autogenerated invoices. At the end of March, we will autogenerate a new invoice for your total amount owed. However, you can make a payment on your account at any time on the Deposit Funds page (in the left main menu, go to Finances > Deposit Funds). - Invoices generated from approved purchase orders
When we migrated your invoices to the new system, we gave them new invoice numbers. However, the associated purchase order number remains the same. If you have questions or trouble finding an invoice, please contact your account manager or DigiCert Accounts Receivable. Make sure to include your PO number and the original invoice number in the email.
CertCentral Services API: View balance enhancements
To help you track financial data in your API integrations, we updated the View balance endpoint to return the following data:
unpaid_invoice_balance
Unpaid invoice balancenegative_balance_limit
Amount the balance can go into the negativeused_credit_from_other_containers
Amount owed by other divisions in the account (for accounts with separate division funds enabled)total_available_funds
Total funds available for future purchases
Example response:
For more information, see the documentation for the View balance endpoint.
Marzo 12, 2021
CertCentral Services API: Auto-reissue support for Multi-year Plans
We are happy to announce that the CertCentral Services API now supports automatic certificate reissue requests (auto-reissue) for Multi-year Plans. The auto-reissue feature makes it easier to maintain SSL/TLS coverage on your Multi-year Plans.
You can enable auto-reissue for individual orders in your CertCentral account. When auto-reissue is enabled, we automatically create and submit a certificate reissue request 30 days before the most recently issued certificate on the order expires.
Enable auto-reissue for a new order
To give you control over the auto-reissue setting for new Multi-year Plans, we added a new request parameter to the endpoints for ordering DV, OV, and EV TLS/SSL certificates: auto_reissue.
By default, auto-reissue is disabled for all orders. To enable auto-reissue when you request a new Multi-year Plan, set the value of the auto_reissue parameter to 1 in the body of your request.
Example request body:
Note: In new order requests, we ignore the auto_reissue parameter if:
- The product does not support Multi-year Plans.
- Multi-year Plans are disabled for the account.
Update auto-reissue setting for existing orders
To give you control over the auto-reissue setting for existing Multi-year Plans, we added a new endpoint: Update auto-reissue settings. Use this endpoint to enable or disable the auto-reissue setting for an order.
Get auto-reissue setting for an existing order
To help you track the auto-reissue setting for existing certificate orders, we added a new response parameter to the Order info endpoint: auto_reissue. The auto_reissue parameter returns the current auto-reissue setting for the order.
ICA certificate chain selection for public DV flex certificates
We are happy to announce that select public DV certificates now support Intermediate CA certificate chain selection:
- GeoTrust DV SSL
- Thawte SSL 123 DV
- RapidSSL Standard DV
- RapidSSL Wildcard DV
- Encryption Everywhere DV
You can add a feature to your CertCentral account that enables you to control which DigiCert ICA certificate chain issues the end-entity certificate when you order these public DV products.
This feature allows you to:
- Set the default ICA certificate chain for each supported public DV certificate.
- Control which ICA certificate chains certificate requestors can use to issue their DV certificate.
Configure ICA certificate chain selection
To enable ICA selection for your account:
- Contact your account manager or our Support team.
- Then, in your CertCentral account, in the left main menu, go to Settings > Product Settings.
- On the Product Settings page, configure the default and allowed intermediates for each supported and available DV certificate.
For more information and step-by-step instructions, see the Configure the ICA certificate chain feature for your public TLS certificates.
DigiCert Services API: DV certificate support for ICA certificate chain selection
In the DigiCert Services API, we made the following updates to support ICA selection in your DV certificate order requests:
- Updated the Product list endpoint
After adding the ICA certificate selection chain feature to your account, the Product list endpoint returns each ICA certificate's name and ID available to issue end-entity certificates for the supported DV products (see allowed_ca_certs). - Updated the Product limits endpoint
After you configure the allowed and default ICA certificates for a DV product, the Product limits endpoint returns the default issuing ICA (default_intermediate) and allowed issuing ICAs (allowed_intermediates) that certificate requestor with a given container and user role assignment can select. - Updated the Product info endpoint
The Product list endpoint now returns the name, ID, and certificate chain information for the issuing ICAs you can select when you request a given product (see allowed_ca_certs). - Added support for ICA chain selection to these DV certificate order requests:
Pass in the issuing ICA certificate's ID as the value for the ca_cert_id parameter in your order request's body.
Example DV certificate request:
For more information about using ICA selection in your API integrations, see DV certificate lifecycle – Optional ICA selection.
Marzo 6, 2021
Upcoming scheduled maintenance
On March 6, 2021, between 22:00 – 24:00 MST (March 7, 2021, between 05:00 – 07:00 UTC), DigiCert will perform scheduled maintenance.
Although we have redundancies in place to protect your service, some DigiCert services may be unavailable during this time.
What can you do?
Please plan accordingly.
- Schedule your high-priority orders, renewals, and reissues around the maintenance window.
- To get live maintenance updates, subscribe to the DigiCert Status page. The subscription includes emails to let you know when maintenance starts and ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as the maintenance is completed.
Febbraio 19, 2021
API CertCentral Services: Nuovi endpoint subaccount
Per faciiltare la gestione del tuo subaccount, abbiamo aggiunto due nuovi endpoint alla CertCentral Services API: Elenca domini subaccount e Elenca organizzazioni subaccount.
- Elenca domini subaccount – Usa questo endpoint per ottenere le informazioni sui domini in un subaccount.
- Elenca organizzazioni subaccount – Usa questo endpoint per ottenere le informazioni sulle organizzazioni in un subaccount.
Febbraio 17, 2021
API CertCentral Services: Migliorato endpoint Crea subaccount
Per darti maggior controllo sui tuoi subaccount, abbiamo aggiunto due nuovi parametri richiesta all’endpoint Crea subaccount: child_name e max_allowed_multi_year_plan_length.
child_name– Usa questo parametro per impostare un nome visualizzato personalizzato per il subaccount.max_allowed_multi_year_plan_length– Usa questo parametro per personalizzare la durata massima degli ordini con Piano pluriennale per il subaccount.
Esempio di richiesta JSON:
Dopo aver creato un subaccount, usa l’endpoint Info subaccount per visualizzare il nome "visualizzato" di un subaccount e la durata consentita dell’ordine con Piano pluriennale.
Febbraio 6, 2021
Prossima manutenzione programmata
Il 6 febbraio 2021 dalle 22:00 alle 24:00 MST (7 febbraio 2021 dalle 05:00 alle 07:00 UTC), DigiCert eseguirà la manutenzione critica.
Durante la manutenzione, i servizi elencati di seguito saranno inattivi per circa 60 minuti. Tuttavia, a causa dell’ambito in cui lavorare, ci potrebbero essere delle interruzioni di servizio aggiuntive durante la finestra di manutenzione di due ore.
Non potrai accedere a queste piattaforme né accedere a questi servizi e API:
- API CertCentral / Service:
- Portale Direct Cert / Direct Cert Portal API
- Servizio di rilascio dei certificati (CIS)
- Protocollo di iscrizione al registro dei certificati semplici (SCEP)
- Discovery / API
- ACME
- Automazione dell'agente ACME / API
DigiCert non potrà emettere certificati per questi servizi e API:
- API CertCentral / Servizi:
- Portale Direct Cert / Direct Cert Portal API
- Servizio di rilascio dei certificati (CIS)
- Protocollo di iscrizione al registro dei certificati semplici (SCEP)
- Sicurezza completa del sito web (CWS) / API
- PKI gestito per SSL (MSSL) / API
- QV Trust Link
I seguenti servizi non saranno interessati dalle attività di manutenzione:
- Piattaforma PKI 8
- Piattaforma PKI 7
- Manager DigiCert ONE
Nota API:
- I servizi per elaborare le transazioni correlate ai certificati non saranno disponibili, come richiedere certificati, aggiungere domini e richieste di convalida.
- Le API riporteranno gli errori “impossibile connettersi”.
- Le richieste certificati eseguite durante questa finestra che ricevono un messaggio di errore "impossibile connettersi" dovranno essere effettuate di nuovo dopo il ripristino dei servizi.
Cosa posso fare?
Pianifica di conseguenza:
- Programma gli ordini, i rinnovi e le riemissioni con priorità elevata in relazione al periodo di manutenzione.
- Prevedi delle interruzioni se utilizzi le API per l’emissione immediata del certificato e altre attività automatizzate.
- Iscriviti alla pagina Stato DigiCert per ottenere aggiornamenti diretti.
- Consulta Manutenzione programmata DigiCert 2021 per le date e gli orari della manutenzione programmata.
I servizi saranno ripristinati non appena la manutenzione sarà completata.
Gennaio 25, 2021
API CertCentral Services: Migliorato endpoint E-mail dominio
Per facilitare la ricerca di indirizzi e-mail DNS TXT che ricevono e-mail di convalida da DigiCert per la convalida del controllo del dominio (DCV) basata su e-mail, abbiamo aggiunto un nuovo parametro di risposta all’endpoint E-mail dominio: dns_txt_emails.
Il parametro dns_txt_emails riporta un elenco degli indirizzi e-mail trovati nel record DNS TXT per il dominio. Questi sono gli indirizzi e-mail che troviamo nel record DNS TXT nel sottodominio _validation-contactemail del dominio da convalidare.
Esempio di risposta con il nuovo parametro:
Per ulteriori informazioni sul metodo DCV E-mail a contatto DNS TXT appena supportato:
Per informazioni sulla convalida dei domini negli ordini di certificato DV.
Per ulteriori informazioni sulla convalida dei domini sugli ordini di certificato OV/EV:
Gennaio 20, 2021
API CertCentral Services: Endpoint Nuovi dettagli sull’ordine unità e Annulla ordine unità
Siamo lieti di annunciare che abbiamo aggiunto due nuovi endpoint alla CertCentral Services API: Dettagli sull’ordine unità e Annulla ordine unità.
Questi endpoint ti consentono di ottenere le informazioni su un ordine unità e per annullare un ordine unità.
Annullamento degli ordini unità:
- Puoi annullare solamente un ordine entro trenta giorni dal suo completamento.
- Non puoi annullare un ordine unità se il subaccount sull’ordine ha speso delle unità.
Se gestisci un subaccount che utilizza unità come metodo di pagamento, ora puoi usare Services API per svolgere le seguenti attività:
API CertCentral Services: Miglioramento degli endpoint Elenco prodotti, Limiti di prodotto e Info prodotto
Per facilitare la ricerca dei periodo di validità dell’ordine disponibili per i prodotti di certificato digitale nel tuo account, abbiamo aggiunto nuovi parametri di risposta agli endpoint Elenco prodotti, Limiti di prodotto e Info prodotto.
Questi nuovi parametri di risposta ti consentono di visualizzare l’impostazione predefinita e i limiti di validità ordine personalizzati per ciascun prodotto nel tuo account.
Il parametro allowed_order_validity_years riporta un elenco dei periodi di validità ordine supportati per ciascun prodotto nel tuo account.
Il parametro allowed_order_lifetimes riporta un elenco dei limiti di validità ordine personalizzata per gli utenti con assegnazioni differenti per divisione e ruolo utente nel tuo account.
- Il parametro
allowed_order_validity_yearsriporta un elenco dei periodi di validità dell’ordine che sono disponibili quando richiedi il prodotto certificato. - Il parametro
custom_order_expiration_date_allowedriporta un valore booleano che descrive se puoi impostare una data di scadenza ordine personalizzata quando richiedi il prodotto certificato.
API CertCentral Services: Migliorato endpoint Info ordini subaccount
Per facilitare la ricerca di informazioni sui periodi di validità per gli ordini subaccount, abbiamo aggiunto nuovi parametri di risposta all’endpoint Info ordini subaccount. Questi nuovi parametri di risposta ti consentono di vedere la data di inizio ordine, la data di fine ordine e se l’ordine è un Piano pluriennale.
- Il parametro
is_multi_year_planriporta"1"se l’ordine è un Piano pluriennale. - Il parametro
order_valid_fromriporta la data di inizio del periodo di validità dell’ordine. - Il parametro
order_valid_tillriporta la data di fine del periodo di validità dell’ordine.
Esempio di risposta con nuovi parametri
Gennaio 9, 2021
Prossima manutenzione programmata
Il 9 gennaio 2021 dalle 22:00 alle 24:00 MST (10 gennaio 2021 dalle 05:00 alle 07:00 UTC) DigiCert eseguirà la manutenzione programmata.
Sebbene abbiamo applicato delle ridondanze per proteggere il tuo servizio, alcuni servizi DigiCert potrebbero essere non disponibili durante questo periodo.
Cosa puoi fare?
Pianifica di conseguenza.
- Programma gli ordini, i rinnovi, le riemissioni e le emissioni dei duplicati di alta priorità fuori dal periodo di manutenzione.
- Per ricevere aggiornamenti diretti, iscriviti alla pagina Stato DigiCert.
- Per le date e gli orari di manutenzione programmata, consulta Manutenzione programmata DigiCert 2021.
I servizi saranno ripristinati non appena la manutenzione sarà completata.
Dicembre 22, 2020
API CertCentral Services: Aggiorna impostazioni di notifica rinnovo
Abbiamo aggiunto un nuovo endpoint al contratto CertCentral Services API: Aggiorna impostazioni di notifica rinnovo. Usa questo endpoint per abilitare o disabilitare le notifiche di rinnovo per un ordine di certificato.
Per ulteriori informazioni, visita l’argomento di riferimento per questo endpoint nella documentazione Services API:
Dicembre 17, 2020
Personalizza la durata del tuo Piano pluriennale DigiCert
Siamo lieti di annunciare che ora puoi configurare una durata personalizzata per il tuo Piano pluriennale (MyP) quando richiedi un certificato TLS in CertCentral. Nei moduli di richiesta certificati TLS, usa la nuova opzione Personalizza validità ordine per personalizzare la durata dell’ordini certificato TLS.
Nota: La validità massima del certificato TLS è di 397 giorni secondo le best practice industriali. Consulta Fine dei 2 anni dei certificati pubblici SSL/TLS.
Le durate personalizzate degli ordini con Piano pluriennale possono essere impostate in giorni o per data di scadenza. La durata massima dell’ordine è 2190 giorni (6 anni). La durata minima dell’ordine è 7 giorni.
Nota: Gli ordini personalizzati iniziano il giorno in cui emettiamo il certificato per l’ordine. I prezzi ordine sono ripartiti proporzionalmente per corrispondere al certificato selezionato e alla durata personalizzata dell’ordine.
Per personalizzare la tua copertura MyP
- Nel modulo Richiedi certificato, fai clic su Selezionare la durata di copertura.
- Nella finestra a comparsa Quanto tempo serve per proteggere il sito?, seleziona Validità ordine personalizzata.
- In Selezionare la lunghezza dell’ordine personalizzato, configura la durata per il Piano pluriennale:
- Lunghezza personalizzata dell’ordine
Specifica la lunghezza del tuo piano in giorni. - Data di scadenza ordine personalizzata
Seleziona il giorno in cui vuoi che scada il piano.
- Lunghezza personalizzata dell’ordine
- Fai clic su Salva.
Impostazioni prodotto aggiornate per i certificati TLS pubblici
Per fornire maggior controllo sul processo di ordinazione certificato, abbiamo aggiornato le impostazioni prodotto per i certificati TLS pubblici. Adesso, puoi determinare le durate consentite per il Piano pluriennale che gli utenti possono selezionare da quando ordinano un certificato TLS pubblico.
Nella pagina delle impostazioni prodotto del certificato TLS, usa l’opzione Periodi di validità consentiti per determinare quali durate ordine MyP sono visualizzate su un modulo di richiesta certificati TLS: 1 anno, 2 anni, 3 anni, 4 anni, 5 anni e 6 anni. Nota: le modifiche apportate alle impostazioni prodotto si applicano alle richieste effettuate tramite CertCentral e Services API.
Nota: In precedenza, l’opzione Periodi di validità consentiti è stata usata per determinare la durata massima del certificato che un utente potrebbe selezionare quando ordina un certificato TLS pubblico. Tuttavia, con lo spostamento del settore verso i certificati da 1 anno, questa opzione non è più necessaria per le durate dei certificati. Consulta Fine dei 2 anni dei certificati pubblici SSL/TLS.
Per configurare le durate consentite degli ordini MyP per un certificato TLS
- Nel menu principale a sinistra, vai su Impostazioni > Impostazioni prodotto.
- Nella pagina Impostazioni prodotto, seleziona un certificato TLS pubblico. Ad esempio, seleziona Secure Site OV.
- In Secure Site OV, nel menu a discesa Periodi di validità consentiti, seleziona i periodi di validità.
- Fai clic su Salva impostazioni.
La prossima volta che un utente ordina un certificato Secure Site OV, vedrà solo le durate dei periodi di validità selezionate nel modulo di richiesta.
Nota: L’impostazione di limiti sulle durate degli ordini con Piano pluriennale rimuove l’opzione della validità personalizzata dai tuoi moduli di richiesta certificati TLS.
Pagina Domini CertCentral: Report domains.csv migliorato
Nella pagina Domini, abbiamo migliorato il report CSV per facilitare il monitoraggio delle date di scadenza delle convalide dominio OV ed EV e per visualizzare il metodo di convalida del controllo del dominio (DCV) precedentemente usato.
La prossima volta in cui scarichi il file CSV, vedrai see tre nuove colonne nel report:
- Scadenza OV
- Scadenza EV
- Metodo DCV
Per scaricare il report domains.csv
- Nel menu principale a sinistra, vai su Certificati > Domini.
- Nella pagina Domini, nel menu a discesa Scarica CSV, seleziona Scarica tutti i record.
Quando apri il file domains.csv, dovresti vedere le nuove colonne e le informazioni nel tuo report.
Dicembre 3, 2020
Pagina Ordini CertCentral: Migliorati i tempi di caricamento
In CertCentral, abbiamo aggiornato la pagina Ordini per migliorare i tempi di caricamento per coloro che gestiscono volumi elevati di ordini certificato. La prossima volta che visiti la pagina Ordini, si aprirà molto più velocemente (nel menu principale a sinistra vai in Certificati > Ordini).
Per migliorare i tempi di caricamento, abbiamo cambiato il modo in cui filtriamo i tuoi ordini certificato al momento della visualizzazione della pagina iniziale. In precedenza, abbiamo filtrato la pagina per mostrare solo gli ordini di certificato Attivi. Tuttavia, questo era un problema per le persone con elevati volumi di ordini di certificato. Più ordini hai nel tuo account, più tempo impiega la pagina Ordini per aprirsi.
Ora, quando visiti la pagina, riportiamo tutti i certificati, non filtrati, in ordine decrescente con gli ordini di certificato creati più di recente visualizzati per primi nell’elenco. Per vedere solo i tuoi certificati attivi, nel menu a discesa Stato, seleziona Attivo e fai clic su Vai.
API CertCentral Services: Acquista unità per subaccount e visualizza ordini unità
Nella CertCentral Services API, abbiamo aggiunto dei nuovi endpoint per l'acquisto di unità e la visualizzazione di ordini unità. Adesso, se gestisci dei subaccount che utilizzano delle unità come metodo di pagamento per le richieste di certificato, puoi usare Services API per acquistare altre unità per un subaccount e per ottenere informazioni sul tuo storico ordini unità.
Per ulteriori informazioni, consulta la documentazione di riferimento per i nuovi endpoint:
Dicembre 2, 2020
API CertCentral Services: Aggiornamenti documentazione
Siamo lieti di annunciare i seguenti aggiornamenti alla documentazione per CertCentral Services API:
- Nuova API stima del prezzo voucher
Abbiamo publicato un nuovo argomento di riferimento per l’endpoint Stima del prezzo voucher. I clienti che usano i voucher possono usare questo endpoint per stimare il costo (tasse incluse) di un ordine per le configurazioni voucher specifiche. - Glossario API aggiornato
Abbiamo aggiornato il Glossario con una nuova tabella per definire i vari valori dello stato di convalida organizzazione. Consulta Glossario – Stati di convalida organizzazione. - Aggiunto parametro richiesta per aggiornare la documentazione e-mail account
Abbiamo aggiunto il parametro richiestaemergency_emailsalla documentazione per l’endpoint Aggiorna e-mail account. Usa questo parametro per aggiornare gli indirizzi e-mail che ricevono le notifiche di emergenza da DigiCert.
Esempio corpo richiesta Aggiorna e-mail account:
- Aggiunti parametri risposta alla documentazione Info prodotto
Abbiamo aggiunto i parametrivalidation_type,allowed_ca_certs, e di rispostadefault_intermediatealla documentazione per l’endpoint Info prodotto.- Usa il parametro
validation_typeper ottenere il tipo di convalida per un determinato prodotto. - Usa il parametro
allowed_ca_certsper ottenere le informazioni sui certificati ICA che puoi selezionare quando ordini un determinato prodotto. * - Usa il parametro
default_intermediateper ottenere l’ID dell’ICA predefinita per un determinato prodotto. *
- Usa il parametro
Esempio di dati risposta Info prodotto:
* Nota: L’endpoint Info prodotto riporta solo i parametri allowed_ca_certs e default_intermediates per i prodotti che supportano la selezione ICA. Per i certificati SSL pubblici che supportano la selezione ICA (certificati flessibili OV ed EV), questi parametri vengono riportati solo se la selezione ICA è abilitata per l’account. Inoltre, il parametro default_intermediates viene riportato solo se un amministratore ha personalizzato un’impostazione prodotto per una divisione o un ruolo utente nell’account. Per ulteriori informazioni, consulta Opzione di catena di certificati ICA per certificati OV ed EV flessibili pubblici.
Novembre 3, 2020
API CertCentral Services: Token DCV aggiunti per i nuovi domini ai dati di risposta per gli ordini di certificato OV ed EV
Abbiamo aggiornato gli endpoint per ordinare i certificati SSL OV ed EV pubblici per riportare i token di richiesta convalida del controllo del dominio (DCV) per i nuovi domini sull’ordine.
Ora, quando richiedi un certificato OV o EV, non devi emettere richieste separate per ottenere i token di richiesta DCV per i nuovi domini sull’ordine. Puoi invece ottenere i token direttamente dai dati di risposta per la richiesta ordine.
Esempio di dati risposta:
Nota: L’oggetto dcv_token non viene riportato per i domini che saranno convalidati nell’ambito di un altro dominio sull’ordine, per i domini che esistono già nel tuo account o per i sottodomini dei domini esistenti.
Questo aggiornamento si applica ai seguenti endpoint:
Ottobre 13, 2020
Selezione della catena di certificati ICA per certificati OV ed EV flessibili pubblici
Siamo lieti di annunciare che i certificati EV ed OV pubblici con capacità flessibili ora supportano la selezione della catena dei certificati CA intermedi.
Puoi aggiungere un’opzione al tuo account CertCentral che ti consente di controllare quale catena dei certificati ICA DigiCert emette i tuoi certificati OV ed EV "flessibili" pubblici.
Questa opzione ti consente di:
- Impostare la catena dei certificati ICA predefinita per ciascun certificato OV ed EV flessibile pubblico.
- Controllare quali catene di certificati ICA possono essere usati dai richiedenti del certificato per emettere il loro certificato flessibile.
Configura la selezione della catena dei certificati ICA
Per disabilitare la selezione ICA per il tuo account, contatta il tuo account manager o il nostro team di assistenza. Dopodiché, nel tuo account CertCentral, nella pagina Impostazioni prodotto (nel menu principale a sinistra, vai in Impostazioni > Impostazioni prodotto), configurare l’impostazione predefinita e i certificati intermedi consentiti per ciascun tipo di certificato OV ed EV flessibile.
Per ulteriori informazioni le istruzioni dettagliate, consulta Opzione di catena di certificati ICA per certificati OV ed EV flessibili pubblici.
Supporto DigiCert Services API per la selezione della catena di certificati ICA
In DigiCert Services API, abbiamo effettuato i seguenti aggiornamenti per supportare la selezione ICA nelle tue integrazioni API:
- Creato nuovo endpoint Limiti di prodotto
Usa questo endpoint per ottenere le informazioni sui limiti e sulle impostazioni per i prodotti abilitati per ciascuna divisione nel tuo account. Ciò include valori ID per le catene dei certificati ICA consentiti e predefiniti di ciascun prodotto. - Supporto aggiunto per la selezione ICA nelle richieste di ordine certificato TLS OV ed EV flessibile pubblico
Dopo aver configurato i certificati intermedi consentiti per un prodotto, puoi selezionare la catena dei certificati ICA che dovrebbe emettere il tuo certificato quando usi l’API per inviare una richiesta di ordine.
Passa nell’ID del certificato ICA emittente come il valore per il parametroca_cert_idnel corpo della tua richiesta di ordine
Esempio di richiesta certificato flessibile:
Per ulteriori informazioni sull’uso della selezione ICA nelle tue integrazioni API, consulta Durata del certificato OV/EV – (Opzionale) Selezione ICA.
Agosto 26, 2020
Piani pluriennali DigiCert® disponibili per tutti i certificati SSL/TLS pubblici DigiCert
Siamo lieti di annunciare che i Piani pluriennali adesso sono disponibili per tutti i certificati SSL/TLS pubblici in CertCentral. Questi piani consentono di pagare un unico prezzo scontato per un massimo di sei anni di copertura con certificato SSL/TLS.
Nota: I contratti Enterprise License Agreement (ELA) supportano solo Piani pluriennali di 1 e 2 anni. I contratti a tariffa fissa non supportano i Piani pluriennali. Se hai un contratto a tariffa fissa, contatta il tuo account manager per trovare una soluzione che sia adatta al tuo contratto.
Con i Piani pluriennali, selezioni il certificato SSL/TLS, la durata della copertura desiderata (fino a sei anni) e la validità del certificato. Fino alla scadenza del piano, puoi riemettere il certificato gratuitamente ogni volta che raggiunge la fine del suo periodo di validità. Per ulteriori informazioni, consulta Piani pluriennali.
Modifiche DigiCert Services API a supporto dei Piani pluriennali
Nella nostra Services API, abbiamo aggiornato i nostri endpoint del certificato SSL/TLS pubblico per supportare l’ordinazione di un certificato con un Piano pluriennale.
A ciascun endpoint per l’ordinamento di un certificato SSL/TLS pubblico, abbiamo aggiunto nuovi parametri richiesta opzionali*. Inoltre, abbiamo aggiornato questi endpoint in modo che il periodo di validità del tuo ordine non dovesse più corrispondere al periodo di validità del tuo certificato.
- Nuovo parametro cert_validity opzionale
Usa questo parametro per definire il periodo di validità del primo certificato emesso per l’ordine. Se ometti il parametro cert_validity dalla tua richiesta, la validità del certificato si imposta predefinitamente sulla validità massima che DigiCert e gli standard di settore consentono, o sul periodo di validità dell’ordine, qualsiasi sia l’evento che capita per primo. - Nuovo parametro order_validityopzionale*
Usa questo parametro per definire il periodo di validità per l’ordine. La validità ordine determina la lunghezza di un Piano pluriennale. - Livello massimo aggiornato validity_years, validity_days, Parametri custom_expiration_date*
Per le integrazioni API esistenti, puoi ancora usare questi parametri esistenti per definire il periodo di validità dell’ordine. Tuttavia, raccomandiamo di aggiornare le tue integrazioni per usare invece i nuovi parametri. Ricorda, con i Piani pluriennali, il tuo ordine può avere un periodo di validità diverso dal certificato.
*Nota: Le richieste devono includere un valore per l’oggetto order_validityo per uno dei parametri della validità ordine di massimo livello: validity_years, validity_days, oppure custom_expiration_date. I valori forniti nell’oggetto order_validity ignorano i parametri di validità di massimo livello.
Queste modifiche non devono interessare le tue integrazioni attuali. Tuttavia, per massimizzare la tua copertura SSL/TLS, potresti voler iniziare ad acquistare i tuoi certificati SSL/TLS pubblici con un Piano pluriennale. Per le integrazione API, consulta Ordina piano pluriennale.
Esempio di richiesta certificato con parametri nuovi
