筛选方式: reissues x 清除
enhancement

CertCentral Services API: Auto-reissue support for Multi-year Plans

We are happy to announce that the CertCentral Services API now supports automatic certificate reissue requests (auto-reissue) for Multi-year Plans. The auto-reissue feature makes it easier to maintain SSL/TLS coverage on your Multi-year Plans.

You can enable auto-reissue for individual orders in your CertCentral account. When auto-reissue is enabled, we automatically create and submit a certificate reissue request 30 days before the most recently issued certificate on the order expires.

Enable auto-reissue for a new order

To give you control over the auto-reissue setting for new Multi-year Plans, we added a new request parameter to the endpoints for ordering DV, OV, and EV TLS/SSL certificates: auto_reissue.

By default, auto-reissue is disabled for all orders. To enable auto-reissue when you request a new Multi-year Plan, set the value of the auto_reissue parameter to 1 in the body of your request.

Example request body:

Example order request body with auto reissue enabled

Note: In new order requests, we ignore the auto_reissue parameter if:

  • The product does not support Multi-year Plans.
  • Multi-year Plans are disabled for the account.

Update auto-reissue setting for existing orders

To give you control over the auto-reissue setting for existing Multi-year Plans, we added a new endpoint: Update auto-reissue settings. Use this endpoint to enable or disable the auto-reissue setting for an order.

Get auto-reissue setting for an existing order

To help you track the auto-reissue setting for existing certificate orders, we added a new response parameter to the Order info endpoint: auto_reissue. The auto_reissue parameter returns the current auto-reissue setting for the order.

new

ICA certificate chain selection for public DV flex certificates

We are happy to announce that select public DV certificates now support Intermediate CA certificate chain selection:

  • GeoTrust DV SSL
  • Thawte SSL 123 DV
  • RapidSSL Standard DV
  • RapidSSL Wildcard DV
  • Encryption Everywhere DV

You can add a feature to your CertCentral account that enables you to control which DigiCert ICA certificate chain issues the end-entity certificate when you order these public DV products.

This feature allows you to:

  • Set the default ICA certificate chain for each supported public DV certificate.
  • Control which ICA certificate chains certificate requestors can use to issue their DV certificate.

Configure ICA certificate chain selection

To enable ICA selection for your account:

  1. Contact your account manager or our Support team.
  2. Then, in your CertCentral account, in the left main menu, go to Settings > Product Settings.
  3. On the Product Settings page, configure the default and allowed intermediates for each supported and available DV certificate.

For more information and step-by-step instructions, see the Configure the ICA certificate chain feature for your public TLS certificates.

new

DigiCert Services API: DV certificate support for ICA certificate chain selection

In the DigiCert Services API, we made the following updates to support ICA selection in your DV certificate order requests:

Pass in the issuing ICA certificate's ID as the value for the ca_cert_id parameter in your order request's body.

Example DV certificate request:

Example DV TLS certificate request

For more information about using ICA selection in your API integrations, see DV certificate lifecycle – Optional ICA selection.

enhancement

EV 代码签名证书补发上的签名哈希选项

我们更新了扩展验证 (EV) 代码签名补发流程。现在,在补发 EV 代码签名证书时,可以为该证书选择签名哈希:SHA-256SHA-1

有关更多信息,请参阅我们的补发 EV 代码签名证书或重新发送密钥说明。

fix

我们修复了等待补发证书的错误,以前我们将原始证书或以前颁发的证书中被删除的域纳入等待补发证书的订单编号详细信息页面的您需要执行的操作部分。

该问题仅影响域验证已过期的域。如果您删除了最新完成域验证的域,我们不会将其纳入到您需要执行的操作部分。

注意:您只需要为您纳入到补发请求的域完成 DCV。您可以忽略您已删除的域。此外,当我们补发证书时,我们不会将原始证书或以前颁发的证书中被删除的域纳入到补发证书中。

现在,当您补发证书并且移除包括在原始证书或以前颁发的证书中的域时,在等待补发的订单编号详细信息页面的您需要执行的操作部分仅显示包括在等待域验证的补发请求中的域。

fix

我们修复了副本证书订单错误,以前我们将原始证书申请者添加为所有副本证书订单的申请者,无论提出副本请求的用户是谁。

现在,我们在副本证书订单上添加请求副本的用户的姓名。

注意:该修复不可追溯,并且不影响已颁发的副本证书订单。

fix

在 DigiCert 服务 API 中,我们修复了列出副本端点中的错误,以前我们不返回副本证书订单上的申请者的姓名。

现在,当您使用列出副本端点时,我们返回请求副本证书的用户的姓名。

为了修复该问题,我们新增了一些响应参数,因此可以在响应中返回申请者的姓名:

…user_id= Requestor's user ID
…firstname= Requestor's first name
…lastname= Requestor's last name

列出副本端点响应的示例