7月 12, 2021
Verified Mark Certificates available now.
Verified Mark Certificates (VMCs) are a new type of certificate that allow companies to place a certified brand logo next to the “sender” field in customer inboxes—visible before the message is opened—acting as confirmation of your domain’s DMARC status and your organization’s authenticated identity. Learn more about VMC certificates.
To disable or change availability of VMC in your account, visit the Product Settings page.
Note: If you do not see VMCs in your account, it may be because we are not offering the product to all account types yet. It is also possible that the product is available, but one of your CertCentral account’s administrators turned the product off in Product Settings.
CertCentral Services API: Verified Mark Certificate enhancements
To help you manage your Verified Mark Certificate (VMC) orders in your API integrations, we’ve made the following updates to the CertCentral Services API.
New endpoints:
- Order Verified Mark Certificate
We added a new endpoint—Order Verified Mark Certificate—you can use to create or renew a VMC order. - Update VMC order
We added a new endpoint—Update VMC order—you can use to update the trademark country code or registration number for a pending VMC order. - Validate VMC logo format (SVG or encoded)
We added two new endpoints—Validate logo format (SVG) and Validate logo format (encoded)—you can use to check if the format of an SVG file is compatible with the requirements for VMC. - Upload VMC logo (SVG or encoded)
We added two new endpoints—Upload VMC logo (SVG) and Upload VMC logo (encoded)—you can use to upload a logo for a pending VMC order. - Get VMC logo
We added a new endpoint—Get VMC logo—you can use to download the logo for a VMC order.
Updated endpoints:
- Order info
We updated the Order info endpoint to return a vmc object with the trademark country code, registration number, and logo information for VMC orders. - Email certificate
We updated the Email certificate endpoint to support emailing a copy of your issued VMC.
To learn more about managing VMC certificates from your API integrations, visit Verified Mark Certificate workflow.
3月 12, 2021
CertCentral Services API: Auto-reissue support for Multi-year Plans
We are happy to announce that the CertCentral Services API now supports automatic certificate reissue requests (auto-reissue) for Multi-year Plans. The auto-reissue feature makes it easier to maintain SSL/TLS coverage on your Multi-year Plans.
You can enable auto-reissue for individual orders in your CertCentral account. When auto-reissue is enabled, we automatically create and submit a certificate reissue request 30 days before the most recently issued certificate on the order expires.
Enable auto-reissue for a new order
To give you control over the auto-reissue setting for new Multi-year Plans, we added a new request parameter to the endpoints for ordering DV, OV, and EV TLS/SSL certificates: auto_reissue.
By default, auto-reissue is disabled for all orders. To enable auto-reissue when you request a new Multi-year Plan, set the value of the auto_reissue parameter to 1 in the body of your request.
Example request body:
Note: In new order requests, we ignore the auto_reissue parameter if:
- The product does not support Multi-year Plans.
- Multi-year Plans are disabled for the account.
Update auto-reissue setting for existing orders
To give you control over the auto-reissue setting for existing Multi-year Plans, we added a new endpoint: Update auto-reissue settings. Use this endpoint to enable or disable the auto-reissue setting for an order.
Get auto-reissue setting for an existing order
To help you track the auto-reissue setting for existing certificate orders, we added a new response parameter to the Order info endpoint: auto_reissue. The auto_reissue parameter returns the current auto-reissue setting for the order.
ICA certificate chain selection for public DV flex certificates
We are happy to announce that select public DV certificates now support Intermediate CA certificate chain selection:
- GeoTrust DV SSL
- Thawte SSL 123 DV
- RapidSSL Standard DV
- RapidSSL Wildcard DV
- Encryption Everywhere DV
You can add a feature to your CertCentral account that enables you to control which DigiCert ICA certificate chain issues the end-entity certificate when you order these public DV products.
This feature allows you to:
- Set the default ICA certificate chain for each supported public DV certificate.
- Control which ICA certificate chains certificate requestors can use to issue their DV certificate.
Configure ICA certificate chain selection
To enable ICA selection for your account:
- Contact your account manager or our Support team.
- Then, in your CertCentral account, in the left main menu, go to Settings > Product Settings.
- On the Product Settings page, configure the default and allowed intermediates for each supported and available DV certificate.
For more information and step-by-step instructions, see the Configure the ICA certificate chain feature for your public TLS certificates.
DigiCert Services API: DV certificate support for ICA certificate chain selection
In the DigiCert Services API, we made the following updates to support ICA selection in your DV certificate order requests:
- Updated the Product list endpoint
After adding the ICA certificate selection chain feature to your account, the Product list endpoint returns each ICA certificate's name and ID available to issue end-entity certificates for the supported DV products (see allowed_ca_certs). - Updated the Product limits endpoint
After you configure the allowed and default ICA certificates for a DV product, the Product limits endpoint returns the default issuing ICA (default_intermediate) and allowed issuing ICAs (allowed_intermediates) that certificate requestor with a given container and user role assignment can select. - Updated the Product info endpoint
The Product list endpoint now returns the name, ID, and certificate chain information for the issuing ICAs you can select when you request a given product (see allowed_ca_certs). - Added support for ICA chain selection to these DV certificate order requests:
Pass in the issuing ICA certificate's ID as the value for the ca_cert_id parameter in your order request's body.
Example DV certificate request:
For more information about using ICA selection in your API integrations, see DV certificate lifecycle – Optional ICA selection.
2月 7, 2020
DigiCert Services API では、新しく、よりフレキシブルな基本およびセキュア・サーバ ID SSL/TLS 証明書をオーダーするための新しい4つのエンドポイントを追加しました。これらの SSL/TLS 証明書がさらにフレキシブルなったことで、証明書をお客様のニーズに合わせやすくなり、その結果、古い基本およびセキュア・サーバ ID 製品が入れ替わります。
これらのエンドポイントを使用して、新しいオーダーと更新オーダーのみを行います。これらを使用して既存の基本およびセキュア・サーバ ID 証明書オーダーを変換することはできません。
これらの新しい証明書を CertCentral アカウントについて有効にするには、アカウントマネージャまたは当社の サポートチームにお問い合わせください。
- スタンダード・サーバ ID
POST をオーダーする https://www.digicert.com/services/v2/order/certificate/ssl_basic - スタンダード・サーバ ID EV
POST をオーダーする https://www.digicert.com/services/v2/order/certificate/ssl_ev_basic - セキュア・サーバ ID OV
POST をオーダーする https://www.digicert.com/services/v2/order/certificate/ssl_securesite_flex - セキュア・サーバ ID EV
POST をオーダーする https://www.digicert.com/services/v2/order/certificate/ssl_ev_securesite_flex
フレキシブル OV と EV 証明書
これらの証明書は、お客様がデジサートSSL/TLS 証明書で得られる暗号化と認証に対応し、同時に、お客様ニースに合わせるためにどのドメインとワイルドカードドメイン* との組み合わせが必要な場合も、OV と EV 証明書を構築することができます。
*注意:業界基準では、OV SSL/TLS 証明書のワイルドカードドメインのみサポートされています。EV SSL/TLS 証明書では、ワイルドカードドメインの使用はサポートされていません。