Filtraggio per: domains x cancella

CertCentral Services API: Keep the "www" subdomain label when adding a domain to your account

To give you more control over your domain prevalidation workflows, we added a new optional request parameter to the Add domain API endpoint: keep_www. Use this parameter to keep the www. subdomain label when you add a domain using a domain control validation (DCV) method of email, dns-txt-token, or dns-cname-token.

By default, if you are not using file-based DCV, the Add domain endpoint always removes the www. subdomain label from the name value. For example, if you send, DigiCert adds to your account and submits it for validation.

To keep the www and limit the scope of the approval to the www subdomain, set the value of the keep_www request parameter to true:

keep_www example JSON

Learn more


CertCentral Services API: Domain locking API endpoints

DigiCert is happy to announce our domain locking feature is now available in the CertCentral Services API.

Note: Before you can use the domain locking endpoints, you must first enable domain locking for your CertCentral account. See Domain locking  – Enable domain locking for your account.

New API endpoints

Updated API endpoints

We updated the response for the Domain info and List domains endpoints to include the following parameters with domain lock details:

  • domain_locking_status (string)
    Domain lock status. Only returned if domain locking is enabled for the account.
  • account_token (string)
    Domain lock account token. Only returned if domain locking is enabled for the account, and if domain locking has been activated for the domain at least once.

To learn more, see:


CertCentral: Domain locking is now available

DigiCert is happy to announce our domain locking feature is now available.

Does your company have more than one CertCentral account? Do you need to control which of your accounts can order certificates for specific company domains?

Domain locking allows you to control which of your CertCentral accounts can order certificates for your domains.

How does domain locking work?

DNS Certification Authority Authorization (CAA) resource records allow you to control which certificate authorities can issue certificates for your domains.

With domain locking, you can use this same CAA resource record to control which of your company's CertCentral accounts can order certificates for your domains.

How do I lock a domain?

To lock a domain:

  1. Enable domain locking for your account.
  2. Set up domain locking for a domain.
  3. Add the domain's unique verification token to the domain's DNS CAA resource record.
  4. Check the CAA record for the unique verification token.

To learn more, see:


End of life for account upgrades from Symantec, GeoTrust, Thawte or RapidSSL to CertCentral™

From April 5, 2022, MDT, you can no longer upgrade your Symantec, GeoTrust, Thawte, or RapidSSL account to CertCentral™.

If you haven't already moved to DigiCert CertCentral, upgrade now to maintain website security and have continued access to your certificates.

Note: During 2020, DigiCert discontinued all Symantec, GeoTrust, Thawte, RapidSSL admin consoles, enrollment services, and API services.

How do I upgrade my account?

To upgrade your account, contact DigiCert Support immediately. For more information about the account upgrade process, see Upgrade from Symantec, GeoTrust, Thawte, or RapidSSL.

What happens if I don't upgrade my account to CertCentral?

After April 5, 2022, you must get a new CertCentral account and manually add all account information, such as domains and organizations. In addition, you won't be able to migrate any of your active certificates to your new account.

For help setting up your new CertCentral account after April 5, 2022, contact DigiCert Support.


CertCentral Services API: Improved List domains endpoint response

To make it easier to find information about the domain control validation (DCV) status for domains in your CertCentral account, we added these response parameters to domain objects in the List domains API response:

  • dcv_approval_datetime: Completion date and time of the most recent DCV check for the domain.
  • last_submitted_datetime: Date and time the domain was last submitted for validation.

For more information, see the reference documentation for the List domains endpoint.


We updated the behavior for products that can use wildcard domain names and fully qualified domain names (FQDNs) in a certificate. After August 23, 2021 certificates including the wildcard domain name will only secure the FQDN and all of its same-level domain names without charge.

Subject Alternative Names (SANs) that are not at the same level as the wildcard domain name will be considered additional to the wildcard coverage. For example, a wildcard certificate for * will only allow FQDNs like,, and to be included as SANs in the certificate without charge.


API CertCentral Services: Nuovi endpoint subaccount

Per faciiltare la gestione del tuo subaccount, abbiamo aggiunto due nuovi endpoint alla CertCentral Services API: Elenca domini subaccount e Elenca organizzazioni subaccount.


Upgrade 2.0 account precedenti

Siamo lieti di annunciare che i domini convalidati e i certificati SSL/TLS pubblici attivi ora sono inclusi nella migrazione dei dati durante l’upgrade della console precedente a CertCentral. Consulta Cosa devi sapere sulla migrazione dei dati account.

Con questo rilascio, avviamo un upgrade in fasi a CertCentral delle nostre console precedenti. I criteri di upgrade dipendono dalla dimensione dell'azienda, dalle preferenze di valuta e dall’uso delle funzioni.

Nota: Gli upgrade CertCentral sono gratuiti. Se sei interessato ad eseguire l’upgrade adesso, contatta il tuo account manager o il nostro team di assistenza.

Se il tuo account precedente soddisfa i criteri della fase uno, quando accedi alla console, vedrai un’opzione per eseguire l’upgrade a CertCentral. Al momento dell’upgrade, migriamo le tue organizzazioni e i domini convalidati al tuo account CertCentral. Dopodiché, quando sei pronto, puoi importare i tuoi certificati SSL/TLS pubblici attivi.

Per ulteriori informazioni sull’upgrade a CertCentral e sulla migrazione dei dati, consulta la nostra guida all’Upgrade a CertCentral.

Altri tipi di certificati

SSL privati, firma codice, S/Mime e altri tipi di certificati non possono essere importati in questo momento. Il certificato SSL/TLS e non SSL/TLS provato farà parte di una migrazione separata.