筛选方式: dcv methods x 清除
enhancement

Customize the lifetime of your DigiCert Multi-year Plan

We are happy to announce you can now configure a custom lifetime for your Multi-year Plan (MyP) when requesting a TLS certificate in CertCentral. On the TLS certificate request forms, use the new Custom order validity option to customize the length of your TLS certificate order.

Note: Maximum TLS certificate validity is 397 days per industry best practices. See End of 2-Year public SSL/TLS certificates.

Custom Multi-year Plan order lengths can be set in days or by expiration date. Maximum order length is 2190 days (6 years). Minimum order length is 7 days.

Note: Custom orders start on the day we issue the certificate for the order. Order pricing is prorated to match the certificate selected and your custom order length.

To customize your MyP coverage

  1. On the Request certificate form, click Select coverage length.
  2. In the How long do you need to protect your site pop-up window, select Custom order validity.
  3. Under Select your customer order length, configure the lifetime for your Multi-year Plan:
    1. Custom order length
      Specify the length of your plan in days.
    2. Custom order expiration date
      Select the day you want your plan to expire on.
  4. Click Save.
enhancement

Updated product settings for public TLS certificates

To provide more control over your certificate order process, we updated the product settings for public TLS certificates. Now, you can determine the allowed Multi-year Plan order lengths users can select from when ordering a public TLS certificate.

On the TLS certificate's product settings page, use the Allowed validity periods option to determine what MyP order lengths appear on a TLS certificate request form: 1 Year, 2 Years, 3 Years, 4 Years, 5 Years, and 6 Years. Note that changes made to product settings apply to requests placed through CertCentral and the Services API.

Note: Previously, the Allowed validity periods option was used to determine the maximum certificate lifetime a user could select when ordering a public TLS certificate. However, with the industry move to 1-year certificate this option is no longer needed for certificate lengths. See End of 2-Year public SSL/TLS certificates.

To configure the allowed MyP order lengths for a TLS certificate

  1. In the left main menu, go to Settings > Product Settings.
  2. On the Product Settings page, select a public TLS certificate. For example, select Secure Site OV.
  3. Under Secure Site OV, in the Allowed validity periods dropdown, select the validity periods.
  4. Click Save Settings.

The next time a user orders a Secure Site OV certificate, they will only see the validity period lengths you selected on the request form.

Note: Setting limits on Multi-year Plan order lengths removes the custom validity option from your TLS certificate request forms.

enhancement

CertCentral Domains page: Improved domains.csv report

On the Domains page, we improved the CSV report to make it easier to track OV and EV domain validation expiration dates and to view the previously used domain control validation (DCV) method.

The next time you download the CSV file, you will see we three new columns in the report:

  • OV Expiration
  • EV Expiration
  • DCV Method

To download the domains.csv report

  1. In the left main menu, go to Certificates > Domains.
  2. On the Domains page, in the Download CSV dropdown, select Download All Records.

When you open the domains.csv, you should see the new columns and information in your report.

enhancement

CertCentral: Automatic DCV checks – DCV polling

We are happy to announce we've improved the domain control validation (DCV) process and added automatic checks for DNS TXT, DNS CNAME, and HTTP practical demonstration (FileAuth) DCV methods.

This means, once you've placed the fileauth.txt file on your domain or added the random value to your DNS TXT or DNS CNAME records, you don't need to worry about signing in to CertCentral to run the check yourself. We will run the DCV check automatically. Although, you can still run a manual check, when needed.

DCV polling cadence

After submitting your public SSL/TLS certificate order, submitting a domain for prevalidation, or changing the DCV method for a domain, DCV polling begins immediately and runs for one week.

  • Interval 1—Every minute for the first 15 minutes
  • Interval 2—Every five minutes for an hour
  • Interval 3—Every fifteen minutes for four hours
  • Interval 4—Every hour for a day
  • Interval 5—Every four hours for a week*

*After Interval 5, we stop checking. If you have not placed the fileauth.txt file on your domain or added the random value to your DNS TXT or DNS CNAME records by the end of the first week, you will need to run the check yourself.

For more information about the supported DCV methods:

enhancement

我们已将 CertCentral DV 证书注册指南移动到了 https://docs.digicert.com/certcentral/documentation/dv-certificate-enrollment/

该指南的 PDF 版本仍然可用(请参阅引言页面底部的链接)。

此外,我们更新并添加了说明以介绍在 CertCentral 中支持的 DV 证书的 DCV 方法。

  • 新增了域控制验证 (DCV) 说明
    • 使用电子邮件 DCV 方法
    • 使用 DNS TXT DCV 方法
    • 使用文件 DCV 方法
    • 文件 DCV 方法常见错误
  • 更新了订购 DV 证书说明
    • 订购 RapidSSL Standard DV 证书
    • 订购 RapidSSL Wildcard DV 证书
    • 订购 GeoTrust Standard DV 证书
    • 订购 GeoTrust Wildcard DV 证书
    • 订购 GeoTrust Cloud DV 证书
  • 更新了补发 DV 证书说明
    • 补发 RapidSSL Standard DV 证书
    • 补发 RapidSSL Wildcard DV 证书
    • 补发 GeoTrust Standard DV 证书
    • 补发 GeoTrust Wildcard DV 证书
    • 补发 GeoTrust Cloud DV 证书
new

我们向 DV 证书订单补发页面新增了两个域控制验证 (DCV) 方法:DNS TXT 和文件。

注意:以前(除非您使用 DigiCert 服务 API),您只能使用电子邮件 DCV 方法证明对您的 DV 证书订单上的域的控制权。

现在,当您订购补发 DV 证书时,您可以选择 DNS TXT、文件或电子邮件作为 DCV 方法以完成该订单的域验证。

new

我们在 DV 证书订单编号详细信息页面上新增了证明对域的控制权功能。

以前,您无法在 DV 证书订单编号详细信息页面上执行任何操作以完成域验证。

现在,您可以执行更多操作以完成该订单的域验证:

  • 使用 DNS TXT、电子邮件和文件 DCV 方法
  • 重新发送/发送 DCV 电子邮件并选择收件人的电子邮件地址
  • 验证域的 DNS TXT 记录
  • 验证域的 fileauth.txt 文件
  • 选择与在订购证书时所选的 DCV 方法不同的 DCV 方法

(在侧栏菜单中,单击证书 > 订单。在 DV 证书订单的订单页面的订单编号列,单击订单编号。)

enhancement

我们改进了 DV 证书的证书编号详细信息页面的证书详细信息部分,添加了额外的 DV 证书信息:序列号拇指指纹

注意:该改进功能不可追溯。该新信息仅对在 2019 年 1 月 15 日 UTC 时间 17:00 之后下达的订单显示。

(在侧栏菜单中,单击证书 > 订单。在 DV 证书订单的订单页面的订单编号列,单击订单编号。)

enhancement

我们改进了获取订单详细信息端点,可以在响应中返回 DV 证书的拇指指纹和序列号。

{
"id":"12345",
"证书":{
"id":123456,
"拇指指纹":"{{拇指指纹}}",
"serial_number":"{{serial_number}}
...
}

注意:该改进功能不可追溯。仅对在 2019 年 1 月 15 日 UTC 时间 17:00 之后下达的订单返回拇指指纹和序列号。

有关更多信息,请参阅 DigiCert 服务 CertCentral API 文件中的获取订单详细信息端点。

enhancement

我们改进了域管理 - 获取域控制电子邮件 API 端点的功能。您现在可以使用域名检索任何域的域控制验证 (DCV) 电子邮件地址(基于 WHOIS 的电子邮件和构造的电子邮件)。

以前,您必须具有域 ID 才能检索 DCV 电子邮件地址。但是,要为域获得 ID,必须提交域进行预验证。

现在,您可以使用域名或域 ID,通过域管理 - 获取域控制电子邮件端点检索域的 DCV 电子邮件地址(基于 WHOIS 的电子邮件和构造的电子邮件)。请参阅获取域电子邮件端点。