筛选方式: CAA resource record x 清除

四月 30, 2019

compliance CanSignHttpExchanges certificate requests ECC SSL certificates 90-day max validity CAA resource record
compliance

关于在 ECC SSL/TLS 证书中包括 CanSignHttpExchanges 扩展名的行业标准要求:

  • 包括 "cansignhttpexchanges=yes" 参数的域的 CAA 资源记录*
  • 椭圆曲线密码体制 (ECC) 密钥对
  • CanSignHttpExchanges 扩展名
  • 最长 90 天有效期*
  • 仅用于 Signed HTTP Exchange

*注意:这些要求从 2019 年 5 月 1 日开始生效。Signed HTTP Exchanges 扩展名目前正在积极开发中。随着行业的进一步发展,可能会对要求作出其他更改。

90 天证书最长有效期要求不影响在 2019 年 5 月 1 日之前颁发的证书。请注意,补发的证书将缩短为自补发日期起 90 天。但是,您可以继续补发证书以达到已购买的完整有效期。

CanSignHttpExchanges 扩展名

最近我们新增了证书配置文件 HTTP Signed Exchanges,以帮助解决 AMP URL 显示问题,即,在地址栏中不显示您的品牌。请参阅显示具有 Signed Exchange 的优化 AMP URL

新的配置文件允许在 OV 和 EV SSL/TLS 证书中包括 CanSignHttpExchanges 扩展名。一旦为您的帐户启用后,在您的 OV 和 EV SSL/TLS 证书请求单的其他证书选项下将显示在证书中包括 CanSignHttpExchanges 扩展名选项。请参阅获取 Signed HTTP Exchange 证书

要为您的帐户启用该证书配置文件,请联系您的客户经理或联系我们的支持团队

简介

DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.

©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.