Skip to main content

Enterprise PKI Manager

New and Enhancements

SAML Manual Approval - Enhancement to allow profiles configured with "SAML IdP" authentication method to optionally force all SAML-authenticated user requests to be reviewed and approved/rejected by an Account Administrator before sending an email to the end-user to download his certificate.

Profile Enhancements

  • Helper text in the Enrollment method section, for profiles configured with the SCEP enrollment method.

  • Helper text in the "General information" section under the "Choose issuing ca" section, for profiles based on the "External Private CA" template.

  • Enhanced the usability of the "Email configuration & notifications" section by disabling all the custom email content unless the "Use custom email template" toggle is selected, and added a confirmation pop-up window when clicking on the "Reset" button, alerting of loss of custom email content.

API Enchancements

  • Enhanced the ‘profile’ API endpoint response to include extra information about how the profile is configured, e.g.:

    • New source_type and source_value parameters included for the various Subject DN and SAN certificate fields.

    • New mandatory parameter to show which Subject DN and SAN fields are mandatory and must be included as part of a certificate request.

    • New api_token_binding_enabled parameter to indicate whether the profile is explicitly bound to a user object (e.g. Service User, which can have an API KEY associated to it)

    • New api_token_id query parameter to filter profile lists based on a specific API Token ID.

  • Modified the mpki/api/v1/health/extensive API endpoint to require a system scope VIEW_EM_HEALTH permission.

Other Enhancements

  • DigiCert Desktop Client default token icon - Enhanced the public-facing web pages to show a default icon when using an unsupported hardware token family.

  • Direct Links to Audit Logs - Added direct links to audit logs for all Seat IDs within the various Seat type pages.

  • Dutch language - Added support for a new language (Dutch) for the administrative portal, as well as a new language selection displayed in the language dropdown list within the public-facing web pages.

Fixes

  • [DOEPM-3036] Fixed issue with custom email templates for a given profile not showing the custom content in the UI, although the data was saved in the database correctly.

  • [DOEPM-3055] Fixed issues with being able to click on a certificate pickup URL multiple times (for profiles configured with the "Enrollment Code" auth method), where now we trap the condition with a friendly error message, and block the use of the browser 'Back' navigational button.

  • [DOEPM-3060] Fixed incorrect Issuing CA validity period displayed in the Profile Details page for some specific configurations.

  • [DOEPM-3076] Fixed Java certificate import tool to manage large CSV files, plus enhanced it to optionally manage duplicate Seats and automatically create a unique Seat ID value based on the certificate info + a timestamp (DOEPM-3083).

  • [DOEPM-3122] Fixed incorrect BU seat allocation behaviour.

  • [DOEPM-3104] Fixed incorrect offset values for pagination inside the Certificates and Seats > Certificate pages.

: