筛选方式: requests x 清除
enhancement

CertCentral Services API: Improved Order info API response

Update: To give API consumers more time to evaluate the impact of the Order info API response changes on their integrations, we are postponing this update until May 31, 2022. We originally planned to release the changes described below on April 25, 2022.

On May 31, 2022, DigiCert will make the following improvements to the Order info API. These changes remove unused values and update the data structure of the order details object to be more consistent for orders in different states across product types.

For more information and response examples for public TLS, code signing, document signing, and Class 1 S/MIME certificates, see the reference documentation for the Order info endpoint.

If you have questions or need help with these changes, contact your account representative or DigiCert Support.

Need to test your API integration?

To help CertCentral Services API consumers evaluate the impact of these changes, DigiCert is providing a beta server for API consumers to test their integrations prior to the May 31, 2022 release. To learn more, see our knowledge base article: DigiCert CertCentral Services API beta server.


General enhancements

The following changes apply to orders for various certificate types irrespective of order status.

Removed parameters:

  • public_id (string)
    For all orders, the API will stop returning the public_id parameter. DigiCert no longer supports the Express Install workflow that required a public_id value.
  • certificate.ca_cert_id (string)
    For DV certificate orders, the API will stop returning the ca_cert_id parameter. The value of this parameter is an internal ID for the issuing ICA certificate and cannot be used externally. The API already excludes the ca_cert_id parameter from the order details for other product types.

    To get the name and public ID of the issuing ICA certificate associated with the order, use the ca_cert object instead.
  • verified_contacts (array of objects)
    For document signing certificate orders, the API will stop returning the verified_contacts array. The API already excludes the verified_contacts array from the order details for other product types.
  • certificate.dns_names (array of strings)
    If there are no DNS names associated with the order (for example, if the order is for a code signing, document signing, or Class 1 S/MIME certificate), the API will stop returning the dns_names array.

    Before, the API returned a dns_names array with an empty string: [" "]
  • certificate.organization_units (array of strings)
    If there are no organization units associated with the order, the API will stop returning an organization_units array.

    Before, for some product types, the API returned an organization_units array with an empty string: [" "]
  • certificate.cert_validity
    In the cert_validity object, the API will only return a key/value pair for the unit used to set the certificate validity period when the order was created. For example, if the validity period of the certificate is for 1 year, the cert_validity object will return a years parameter with a value of 1.

    Before, the cert_validity object sometimes returned values for both days and years.

Added parameters:

  • order_validity (object)
    For code signing, document signing, and client certificate orders, the API will start returning an order_validity object.

    The order_validity object returns the days, years, or custom_expiration_date for the order validity period. The API already includes an order_validity object in the order details for public SSL/TLS products.
  • payment_profile (object)
    For DV certificate orders, if the order is associated with a saved credit card, the API will start returning a payment_profile object. The API already includes a payment_profile object in the order details for other product types.
  • server_licenses
    For DV certificate orders, the API will start returning the server_licenses parameter. The API already includes the server_licenses parameter in the order details for other product types.

Unapproved order requests

The following changes apply only to certificate order requests that are pending approval or that have been rejected. These changes bring the data structure of the response closer to what the API returns after the request is approved and the order is submitted to DigiCert for validation and issuance.

To manage unapproved and rejected requests, we recommend using the Request endpoints (/request) instead of retrieving the order details. We designed the /request endpoints to manage pending and rejected certificate order requests, and these endpoints remain unchanged.

Note: For quicker certificate issuance, we recommend using a workflow that skips or omits the request approval step for new certificate orders. If your API workflow already skips or omits the approval step, you can safely ignore the changes below. Learn more about removing the approval step:

Added parameters:

  • disable_ct (boolean)
  • allow_duplicates (boolean)
  • cs_provisioning_method (string)

Removed parameters:

  • server_licenses (integer)
    For unapproved order requests, the API will stop returning the server_licenses parameter. The API will continue including the server_licenses parameter in order details for approved order requests.

Improved organization object
To provide a consistent data structure in the order details for unapproved and approved order requests, the API will return a modified organization object on unapproved order requests for some product types.

The API will stop returning the following unexpected properties on unapproved order requests for all product types:

  • organization.status (string)
  • organization.is_hidden (boolean)
  • organization.organization_contact (object)
  • organization.technical_contact (object)
  • organization.contacts (array of objects)

The API will start returning the following expected properties, if existing, on unapproved order requests for all product types:

  • organization.name (string)
  • organization.display_name (string)
  • organization.assumed_name (string)
  • organization.city (string)
  • organization.country (string)

To get organization details not included in the Order info response, use the Organization info API endpoint.

fix

我们修复了 DV 证书补发错误,以前对于还剩一年以上时间才到期的证书,我们不会保留原始证书订单上的到期日期。

现在,当您补发还剩一年以上时间才到期的 DV 证书时,补发的证书将保留原始证书上的到期日期。

enhancement

在 DigiCert 服务 API 中,我们改进了 DV 证书请求端点,您可以更准确地使用新的 email_domain 字段以及现有的 email 字段设定域控制验证 (DCV) 电子邮件的目标接收人。

例如,为 my.example.com 订购证书时,您可以要求基域 (example.com) 的域所有者验证子域。要更改 DV 电子邮件的接收人,请在您的 DV 证书请求中添加 dcv_emails 参数。然后添加 email_domain 字段指定基域 (example.com),添加 email 字段指定所需 DCV 电子邮件接收人的电子邮件地址 (admin@example.com)。

GeoTrust Standard DV 证书请求示例

DV 证书端点: