Skip to main content

Enterprise PKI Manager

New Enrollment Code Reporting page - New UX report page that allows gathering of information for all enrollment codes generated on a given account, including its status and value, creation/redeem/expiration/rejection/reset dates, last time an administrator changed the status of an enrollment code, etc.

Certificate Import Grouping and Custom Email Templates - New pages under Unmanaged and Imported Seat types that allows a set of imported certificates to be bound to a custom Group Name and custom email template, used by DigiCert to send certificate expiration reminders as per the frequency set within the group settings. This feature helps notify end-users via email of their expiring certificate, plus allows administrators to set some custom instructions on how to enroll/install a new certificate based on standard Enterprise PKI Manager flows.

Service Users - Ability to select Service Users (along with standard user accounts) for profiles configured with REST API enrollment method.

Subject Unique Identifier - The Subject Unique Identifier field now expects an Hexadecimal value as input, and will be encoded within the certificate as a BitString. Known issue: macOS can not import the certificate into Keychain successfully - it works ok for Windows

API Enhancements

  • New audit log API endpoints: /mpki/api/v1/audit-log and /mpki/api/v1/audit-log/{id}

  • New enrollment code API: /mpki/api/v1/report/enrollment-code

  • Enhancement to the /mpki/api/v1/certificate-import API to support tagging of uploaded certificates against a custom group name (automatically identified as Unmanaged or Imported Seats), depending on whether an Issuing CA is found on the account.

See Swagger API documentation for details, under Resources menu item.

DigiCert Desktop Enhancement - Allow Administrator to configure how to deliver the "DigiCert Desktop Client" client to end users:

  • Redirecting end users to the DigiCert Desktop Client wizard page on a separate browser tab, from where to download the appropriate client, plus have access to extra functionality, or

  • Delivering the client inline, within the same enrollment pages, for the supported platform.

Audit Log Enhancements

  • Filter audit log events by Administrator name. An Administrator Id is required when filtering events via the new audit-log API

  • New Warning status used to identify issues when uploading certificates via REST API. For example, when uploading certificates without an email address configured within the SDN:Email or SAN:rfc822Name fields that can be used to send customized expiration emails to end users.

Nesta secção: