CA Manager
Enhancements
Single-tenant DPoD support - DigiCert ONE now provides support for a single instance of Thales Data Protection on Demand (DPoD) cloud-based platform. Set-up and configuration works similarly to SafeNet HSM setup - and will require an application restart before the partitions can be registered. The current configuration lends itself better to on-premises installations. We are working to deliver a multi-tenant solution soon.
Changes to CRL scope - CA has updated the UI for “Master CRL” setting in the Create CRL flow to provide better clarity and pave the way for the forthcoming partition CRL functionality. The Master CRL radio button has been removed, and in its place is now a dropdown called “CRL Scope” that contains the following options:
Full and Complete (formerly “Master CRL”) This CRL scope includes everything issued by the CA, including certificates with no CDPs.
Complete (default) Includes every issued cert with a CDP from the CA that point to same CRL
Fixes
Corrected an issue where a sub-ICA, with no children ICAs, would display sibling sub-CAs issued by its parent instead of a blank list on the sub-ICA’s detail page.
Fixed a problem where, when attempting to pair an externally signed root, an incorrect and un-helpful “Root not found” error is returned when the .pem was malformed, or if it was missing elements. Now a malformed file will return the error: “Bad or unreadable encoding in file, please correct and try again”, Or when the required ICA is not included in the upload, the error returned will state: “ICA not included, unable to pair, please include the ICA and try again.”
Fixed an issue with excessive calls being made to internal endpoint when no data is returned in the initial call.