CertCentral Services API: Added DCV tokens for new domains to response data for OV and EV certificate orders
We've updated the endpoints for ordering public OV and EV SSL certificates to return the domain control validation (DCV) request tokens for new domains on the order.
Now, when you request an OV or EV certificate, you no longer have to issue separate requests to get the DCV request tokens for the new domains on the order. Instead, you can get the tokens directly from the response data for the order request.
Example response data:
dcv_token object is not returned for domains that will be validated under the scope of another domain on the order, for domains that already exist in your account, or for subdomains of existing domains.
This update applies to the following endpoints:
ICA certificate chain selection for public OV and EV flex certificates
We are happy to announce that public OV and EV certificates with flex capabilities now support Intermediate CA certificate chain selection.
You can add an option to your CertCentral account that enables you to control which DigiCert ICA certificate chain issues your public OV and EV "flex" certificates.
This option allows you to:
Configure ICA certificate chain selection
To enable ICA selection for your account, contact your account manager or our Support team. Then, in your CertCentral account, on the Product Settings page (in the left main menu, go to Settings > Product Settings), configure the default and allowed intermediates for each type of OV and EV flex certificate.
For more information and step-by-step instructions, see ICA certificate chain option for public OV and EV flex certificates.
DigiCert Services API support for ICA certificate chain selection
In the DigiCert Services API, we made the following updates to support ICA selection in your API integrations:
ca_cert_idparameter in the body of your order request
Example flex certificate request:
For more information about using ICA selection in your API integrations, see OV/EV certificate lifecycle – (Optional) ICA selection.
DigiCert® Multi-year Plans available for all DigiCert public SSL/TLS certificates
We are happy to announce that Multi-year Plans are now available for all public SSL/TLS certificates in CertCentral. These plans allow you to pay a single discounted price for up to six years of SSL/TLS certificate coverage.
Note: Enterprise License Agreement (ELA) contracts support only 1 and 2-year Multi-year Plans. Flat Fee contracts do not support Multi-year Plans. If you have a Flat Fee contract, please contact your account manager to find a solution that works with your contract.
With Multi-year Plans, you pick the SSL/TLS certificate, the duration of coverage you want (up to six years), and the certificate validity. Until the plan expires, you reissue your certificate at no cost each time it reaches the end of its validity period. For more information, see Multi-year Plans.
DigiCert Services API changes to support Multi-year Plans
In our Services API, we updated our public SSL/TLS certificate endpoints to support ordering a certificate with a Multi-year Plan.
To each endpoint for ordering a public SSL/TLS certificate, we added new optional* request parameters. Additionally, we've updated these endpoints such that the validity period of your order no longer must match the validity period of your certificate.
*Note: Requests must include a value for either the order_validity object or for one of the top-level order validity parameters: validity_years, validity_days, or custom_expiration_date. The values provided in the order_validity object override the top-level validity parameters.
These changes should not affect your current integrations. However, to maximize your SSL/TLS coverage, you may want to start purchasing your public SSL/TLS certificates with a Multi-year Plan. For API integrations, see Order Multi-year Plan.
Example certificate request with new parameters