CertCentral Services API: Domain locking API endpoints
DigiCert is happy to announce our domain locking feature is now available in the CertCentral Services API.
Note: Before you can use the domain locking endpoints, you must first enable domain locking for your CertCentral account. See Domain locking – Enable domain locking for your account.
New API endpoints
Updated API endpoints
To learn more, see:
CertCentral: Domain locking is now available
DigiCert is happy to announce our domain locking feature is now available.
Does your company have more than one CertCentral account? Do you need to control which of your accounts can order certificates for specific company domains?
Domain locking allows you to control which of your CertCentral accounts can order certificates for your domains.
How does domain locking work?
DNS Certification Authority Authorization (CAA) resource records allow you to control which certificate authorities can issue certificates for your domains.
With domain locking, you can use this same CAA resource record to control which of your company's CertCentral accounts can order certificates for your domains.
How do I lock a domain?
To lock a domain:
To learn more, see:
End of life for account upgrades from Symantec, GeoTrust, Thawte or RapidSSL to CertCentral™
From April 5, 2022, MDT, you can no longer upgrade your Symantec, GeoTrust, Thawte, or RapidSSL account to CertCentral™.
If you haven't already moved to DigiCert CertCentral, upgrade now to maintain website security and have continued access to your certificates.
Note: During 2020, DigiCert discontinued all Symantec, GeoTrust, Thawte, RapidSSL admin consoles, enrollment services, and API services.
How do I upgrade my account?
To upgrade your account, contact DigiCert Support immediately. For more information about the account upgrade process, see Upgrade from Symantec, GeoTrust, Thawte, or RapidSSL.
What happens if I don't upgrade my account to CertCentral?
After April 5, 2022, you must get a new CertCentral account and manually add all account information, such as domains and organizations. In addition, you won't be able to migrate any of your active certificates to your new account.
For help setting up your new CertCentral account after April 5, 2022, contact DigiCert Support.
納入 ECC SSL/TLS 憑證中的 CanSignHttpExchanges 延伸程式的業界標準規定：
*註：這些需求在 2019 年 5 月 1 日生效。在 Signed HTTP Exchanges 延伸程式目前在開發中。隨著業界持續開發，需求可能有其他變化。
90 天最長憑證有效期限規定不會影響在 2019 年 5 月 1 日前發行的憑證。請注意，重新發行的憑證將修改為從重新發行時算起的 90 天。.但您可以在完整的採購有效期限內持續重新發行憑證。
最近，我們新增了新的憑證設定檔 HTTP Signed Exchanges，協助解決 AMP URL 顯示問題，您的品牌未在位址列中顯示。請參閱顯示有 Signed Exchange 的更好的 AMP URL。