筛选方式: browsers x 清除
new

Multi-year Plans now available

We are happy to announce that Multi-year Plans are now available in CertCentral and CertCentral Partners.

DigiCert® Multi-year Plans allow you to pay a single discounted price for up to six years of SSL/TLS certificate coverage. With Multi-year Plans, you pick the SSL/TLS certificate, the certificate validity (1 or 2 years), and the duration of coverage you want (up to six years). Until the plan expires, you reissue your certificate at no cost each time it reaches the end of its validity period.

Note: This product is not available for CertCentral Enterprise accounts.

The maximum validity of an SSL/TLS certificate is 825 days (397 days after September 1, 2020). When the active certificate for a Multi-year Plan is about to expire, you reissue the certificate to maintain your SSL/TLS coverage.

compliance

Browser support for TLS 1.0 and 1.1 has ended

The four major browsers no longer support Transport Layer Security (TLS) 1.0 and 1.1.

What you need to know

This change doesn't affect your DigiCert certificates. Your certificates continue to work as they always have.

This change affects browser-dependent services and applications relying on TLS 1.0 or 1.1. Now that browser support for TLS 1.0 and 1.1 has ended, any out-of-date systems will be unable to make HTTPS connections.

What you need to do

If you are affected by this change and your system supports more recent versions of the TLS protocol, upgrade your server configuration as soon as you can to TLS 1.2 or TLS 1.3.

If you do not upgrade to TLS 1.2 or 1.3, your webserver, system, or agent will not be able to use HTTPS to securely communicate with the certificate.

Browser TLS 1.0/1.1 deprecation information

Firefox 78, released June 30, 2020

Safari 13.1, released March 24, 2020

Chrome 84, released July 21, 2020

Edge v84, released 7/16/2020

Helpful resources

With so many unique systems relying on TLS, we can't cover all upgrade paths, but here are a few references that may help:

enhancement

CertCentral Services API: Updated error message documentation

In the Services API documentation, we've updated the Errors page to include descriptions for error messages related to:

  • Immediate DV certificate issuance
  • Domain control validation (DCV)
  • Certificate Authority Authorization (CAA) resource record checks

Earlier this year, we improved the APIs for DV certificate orders and DCV requests to provide more detailed error messages when DCV, file authorization, DNS lookups, or CAA resource record checks fail. Now, when you receive one of these error messages, check the Errors page for additional troubleshooting information.

For more information:

compliance

浏览器终止支持 TLS 1.0 和 1.1

2020 年,四大浏览器将终止支持传输层安全性 (TLS) 1.0 和 1.1。

此更改不影响您的 DigiCert 证书。您的证书将仍然像以前一样工作。

须知事项

此更改影响依赖于 TLS 1.0 或 1.1 的浏览器依赖性服务和应用程序。一旦浏览器终止支持 TLS 1.0 或 1.1,这些过时的系统将无法建立 HTTPS 连接。

所需操作

如果您受此更改的影响,请计划立即启用或升级至 TLS 1.2 或 TLS 1.3。给自己一些准备时间,以应对任何问题。在您开始之前,请务必确认所有可能使用 TLS 1.0 或 1.1 的系统。

请务必检查 Apache 或 Microsoft IIS、.NET Framework 之类的 Web 服务器、服务器监控代理以及可能使用它的其他商务应用程序。

有用资源

由于有许多不同类型的系统依赖于 TLS,因此我们无法涵盖所有可用的升级路径,但下面提供了一些可能有用的参考资源: