将证书发布到公共 CT 日志后,您无法将其从日志中删除。但是,如果您选择将证书从公共 CT 日志中排除,后来却发现您需要将它记录到日志,您可以解决该问题。
要将未记录日志的公共 SSL/TLS 证书记录到公共 CT 日志中,请补发证书并取消选中不要将此证书记录到公共 CT 日志复选框,这样我们可以将其记录到日志。因此而补发的证书将被记录到 CT 日志中。安装补发的证书后,浏览器警告将消失。
更改补发的证书不会影响之前颁发的证书(原始和补发)
补发证书时,您对补发的证书做出的任何更改不会影响原始证书(或之前颁发的证书)。更改只会影响当时补发的证书以及以后补发的所有证书。
例如,如果您订购 SSL/TLS 证书并且选择将它从公共 CT 日志中排除,原始证书将永远不会记录到 CT 日志中。但是,如果您补发证书并允许记录日志,补发的证书将被记录到 CT 日志中。而且,以后补发的所有证书也将被记录到 CT 日志中,除非您明确选择将该补发的证书排除在外。
要获得具有不同 CT 日志记录设置的重复证书,请补发该证书并更改补发证书单上的 CT 日志记录设置。
DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.
©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.