フィルタリング: domains x 消去
new

CertCentral Services API: Domain locking API endpoints

DigiCert is happy to announce our domain locking feature is now available in the CertCentral Services API.

Note: Before you can use the domain locking endpoints, you must first enable domain locking for your CertCentral account. See Domain locking  – Enable domain locking for your account.

New API endpoints

Updated API endpoints

We updated the response for the Domain info and List domains endpoints to include the following parameters with domain lock details:

  • domain_locking_status (string)
    Domain lock status. Only returned if domain locking is enabled for the account.
  • account_token (string)
    Domain lock account token. Only returned if domain locking is enabled for the account, and if domain locking has been activated for the domain at least once.

To learn more, see:

new

CertCentral: Domain locking is now available

DigiCert is happy to announce our domain locking feature is now available.

Does your company have more than one CertCentral account? Do you need to control which of your accounts can order certificates for specific company domains?

Domain locking allows you to control which of your CertCentral accounts can order certificates for your domains.

How does domain locking work?

DNS Certification Authority Authorization (CAA) resource records allow you to control which certificate authorities can issue certificates for your domains.

With domain locking, you can use this same CAA resource record to control which of your company's CertCentral accounts can order certificates for your domains.

How do I lock a domain?

To lock a domain:

  1. Enable domain locking for your account.
  2. Set up domain locking for a domain.
  3. Add the domain's unique verification token to the domain's DNS CAA resource record.
  4. Check the CAA record for the unique verification token.

To learn more, see:

new

End of life for account upgrades from Symantec, GeoTrust, Thawte or RapidSSL to CertCentral™

From April 5, 2022, MDT, you can no longer upgrade your Symantec, GeoTrust, Thawte, or RapidSSL account to CertCentral™.

If you haven't already moved to DigiCert CertCentral, upgrade now to maintain website security and have continued access to your certificates.

Note: During 2020, DigiCert discontinued all Symantec, GeoTrust, Thawte, RapidSSL admin consoles, enrollment services, and API services.

How do I upgrade my account?

To upgrade your account, contact DigiCert Support immediately. For more information about the account upgrade process, see Upgrade from Symantec, GeoTrust, Thawte, or RapidSSL.

What happens if I don't upgrade my account to CertCentral?

After April 5, 2022, you must get a new CertCentral account and manually add all account information, such as domains and organizations. In addition, you won't be able to migrate any of your active certificates to your new account.

For help setting up your new CertCentral account after April 5, 2022, contact DigiCert Support.

enhancement

CertCentral Services API: Improved List domains endpoint response

To make it easier to find information about the domain control validation (DCV) status for domains in your CertCentral account, we added these response parameters to domain objects in the List domains API response:

  • dcv_approval_datetime: Completion date and time of the most recent DCV check for the domain.
  • last_submitted_datetime: Date and time the domain was last submitted for validation.

For more information, see the reference documentation for the List domains endpoint.

fix

We updated the behavior for products that can use wildcard domain names and fully qualified domain names (FQDNs) in a certificate. After August 23, 2021 certificates including the wildcard domain name will only secure the FQDN and all of its same-level domain names without charge.

Subject Alternative Names (SANs) that are not at the same level as the wildcard domain name will be considered additional to the wildcard coverage. For example, a wildcard certificate for *.digicert.com will only allow FQDNs like one.digicert.com, two.digicert.com, and three.digicert.com to be included as SANs in the certificate without charge.

new

CertCentral Services API:新しいサブアカウントエンドポイント

お使いのサブアカウントを管理しやすくするため、CertCentral Services API に次の2つの新しいエンドポイントを追加しました。[サブアカウントドメインを一覧表示する][サブアカウント組織を一覧表示する]

new

レガシーアカウントアップグレード 2.0

認証済ドメインと有効作動している、パブリック SSL/TLS 証明書は現在、お使いのレガシーコンソール CertCentral へのアップグレード時のデータ移行に含まれることを発表いたします。「アカウントデータ移行について確認が必要なこと」を参照してください。

このリリースでは、レガシーコンソールの CertCentral へのフェーズごとのアップグレードを開始します。アップグレード基準は、会社規模、通貨環境、および機能の使用状況によって異なります。

注記:CertCentral アップグレードは 無料です。今すぐアップグレードに興味がある場合は、当社のアカウントマネージャか、サポートチーム にお問い合わせください。

コンソールへのサインイン時にお使いのレガシーアカウントがフェース1基準に対応している場合は、CertCentral へのアップグレードオプションを参照してください。アップグレード時、当社はお客様の組織と認証済ドメインをお客様の CertCentral アカウントに移行します。続いて、準備が整った時点で、お客様は有効作動している、パブリック SSL/TLS 証明書をインポートすることができます。

CertCentral へのアップグレードおよびデータ移行についての詳細は、「CertCentral へのアップグレードガイド」 を参照してください。

他のタイプの証明書

プライベート SSL、コード署名、S/Mime および他のタイプの証明書は、この時点ではインポートできません。プライベート SSL/TLS および SSL/TLS 以外の証明書は、個別移行作業の一部になります。