As we complete our transition into DigiCert, we’re consolidating organization and domain authentication processes for all certificate types, which will simplify organization and domain statuses in the Managed PKI for SSL Control Center.
For details on how this improves your visibility into your organization and domain statuses, visit this knowledge base article.
When you add domains to your account for pre-validation, DigiCert sends DCV (Domain Control Validation) emails to confirm proper domain ownership. With the November release, select the appropriate language for the domain owners when you resend a DCV email through the Managed PKI for SSL Control Center.
On July 31, 2018, we introduced an improved verification process for checking the organization unit (OU) included in your certificate. Currently, if your CSR contains an OU that has never been validated, we list the status of the order as pending while our validation team validates the OU. However, we received feedback that we need to make this pending status clearer to identify why the order is being held up.
With this enhancement, when an order is pending issuance because the OU needs to be validated by our validation team, we now display the status of the order as "pending OU validation".
For information on OU validation, see the New organizational unit (OU) validation process article.
Currently, when you receive an email about an order, you have to read through the email to figure out which domain (common name) the email is about.
To make it easier to identify which domain the email is about, the common name is in the email subject line. This change applies only to the default email templates in Managed PKI for SSL.
When we updated our Web PKI hierarchy with DigiCert last year, we re-authenticated the organization and domain information for your accounts. Starting in early November 2018, we are re-authenticating the organizations and domains in your accounts.
Organization and domain validation expires after a determined period of time and must be re-authenticated as specified in the CA/Browser Forum Baseline Requirements. This regular authentication is inconvenient but necessary to maintain security and trust for your customers, your business, and the web.
As we work to re-authenticate your domains, we send DCV (Domain Control Validation) emails to the registered owners of public domains. Let your domain owners know that these DCV emails are coming and check in with them to make sure they approve the domain authentication requests.
If domain owners can’t receive DCV emails, see the Not receiving domain control validation (DCV) emails article.