For publicly trusted certificates, industry standards (baseline requirements and RFC 5280) require data entries to meet certain criteria. Violating these standards when ordering a certificate prevents a Certificate Authority (CA) from issuing the certificate.
DigiCert is deprecating the Organizational Unit (OU) field to simplify public SSL/TLS certificate ordering. For more information about OU field deprecation, see our KB article DigiCert will deprecate the Organizational Unit field.
For publicly trusted certificates, the organization unit value is not a required value (field).
According to baseline requirements, Certificate Authorities (CAs) are only required to validate the organization unit value when a value is provided. If you leave this field blank (do not provide an organization unit value), CAs are instructed not to include the field in the certificate.
Baseline requirements also prohibit this value from being or appearing to be "junk" data or indicators of non-applicability (na, ?, etc.), which keep certificates smaller. By keeping certificates smaller, this ensures TLS remains accessible to a greater range of users and site operators.
The list below contains characters that, if entered by themselves in the organization unit field, do not represent a valid organization unit value:
If you only put a hyphen in the organization unit field, a CA will be unable to validate the value.
However, if you enter an organization name that includes a hyphen in it (for example, Dev-Ops), this hyphen does not prevent a CA from validating your organization unit value.
For publicly trusted certificates, we cannot allow these values (data entries) to exceed the 64-maximum character limit, including spaces:
For publicly trusted certificates, we no longer allow the use of underscores ( _ ) in:
As of October 1, 2018, we only issue certificates for domains and subdomains using:
Currently, you can include underscores in other certificate values, such as organization units and organization names. However, the use of the underscore in these values is being reevaluated. Industry standards may change and require you to remove the underscores from those values too.
DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.
©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.
Этот сайт используйте файлы «cookie» и другие технологии отслеживания для облегчения навигации и предоставления вам возможности оставлять отзывы, для анализа использования вами наших продуктов и сервисов, помощи в наших действиях по продвижению и рекламированию и предоставления содержания третьих сторон. Прочитайте нашу Политика в отношении файлов «cookie» и Политику конфиденциальности для получения более подробной информации.