Account setting for certificate lifecycle email language preference
We've added an account language setting for the certificate lifecycle emails sent from CertCentral. Now, on the Notifications page, you can set the language preference for the certificate lifecycle emails for the entire account.
Currently, we support these 11 languages for certificate lifecycle specific emails:
How does certificate lifecycle email language support work?
When you go to the Notifications page in CertCentral, use the Email Language dropdown to set the certificate lifecycle email language for the entire account.
For example, if you set the email language to Italian, all certificate lifecycle emails will be in Italian regardless of the individual account language setting.
Note: The Email Language option only changes the language used in the certificate lifecycle emails. It does not change the language used in an individual account. On the Profile Settings page, use the Language dropdown to set the language for your account. See CertCentral language preferences.
Where are these certificate life cycle settings?
To access the Certificate Lifecycle email defaults settings, in the left main menu, go to Settings > Notifications. To learn more, see Configure certificate lifecycle email settings.
New certificate lifecycle email setting
We added another notification setting to the Certificate lifecycle email settings—Send organization approval emails to the user placing order. This setting allows you to control if the organization approval email is sent to the certificate requestor.
What is the organization approval email?
When the requestor is an admin or organization contact, we send them an email letting them know DigiCert has validated the organization, and they can now issue certificates for it.
Note: This new setting only applies to orders where a new, yet to be validated organization is included in the request.
Where are these certificate life cycle settings?
To access the Certificate Lifecycle email defaults settings, in the left main menu, go to Settings > Notifications. To learn more, see Configure certificate lifecycle email recipients.
Discovery now available in all CertCentral accounts
We are happy to announce that all existing CertCentral accounts now include Discovery, our newest and most robust certificate discovery tool.
Note: For those who were using Certificate Inspector, Discovery replaces our long time DigiCert tool, Certificate Inspector.
By default, Discovery includes Cloud scan and a Sensor scan trial with a 100-certificate limit.
Cloud scan uses a cloud-based sensor, so there is nothing to install or manage. You can start scanning immediately to find all your public facing SSL/TLS certificates regardless of issuing Certificate Authority (CA). Cloud-scan runs once every 24 hours.
Sensor scan is our most robust version of Discovery. It uses sensors to scan your network to quickly find all your internal and public facing SSL/TLS certificates regardless of the issuing Certificate Authority (CA). Discovery also identifies problems in certificate configurations and implementations along with certificate-related vulnerabilities or problems in your endpoint configurations.
Scans are centrally configured and managed from inside your CertCentral account. Scan results are displayed in an intuitive and interactive dashboard inside CertCentral. Configure scans to run once or multiple times on a set schedule.
Discovery audit logs
Discovery has added a new feature—Discovery Audit Logs—allowing you to track Discovery-related activities in your CertCentral account. These audit logs provide insight into user activity enabling you to see areas where training may be required, reconstruct events to troubleshoot problems, detect misuse, and discover problem areas.
To make it easier to sort through the information in the Discover audit logs, we've include several filters:
To access the Discovery Audit Log, in your CertCentral account, in the left main menu, go to Account > Audit Logs. On the Audit Logs page, click Discovery Audit Logs.
Discovery language support
As we work to globalize our product offerings and make our websites, platforms, and documentation more accessible, we are happy to announce that we've added language support to Discovery in CertCentral.
Now, when configuring your language preference in CertCentral, Discovery is included in the configuration.
To configure your language preference
Bug fix: DV certificate orders did not honor Submit base domains for validation account setting
We fixed a bug in the DV certificate domain control validation (DCV) process where DV certificate orders did not adhere to the Submit base domains for validation account setting.
Note: For DV certificate orders, you were required to validate the domain exactly as named in the order.
Now, DV certificate orders honor the Submit base domains for validation account setting, allowing you to validate your subdomains at the base domain level on your DV certificate orders.
To view the Domain Validation Scope settings in your account, go to Settings > Preferences. On the Division preferences page, expand +Advanced Settings. The Domain Validation Scope settings are in the Domain Control Validation (DCV) section.
We added two new statuses to the Organizations and Organization details pages: validation expires soon, and validation expired. These new statuses make it easier to proactively track your organization validations and make sure they stay up to date.
Now, when you visit the Organizations page (in the sidebar menu click Certificates > Organizations), you can quickly identify organizations with validation that is expiring soon or has already expired. For more details about the expiring or expired organization validation, click the organization name.
We fixed a bug where some accounts were unable to submit organizations for EV CS – Code Signing Organization Extended Validation. The affected accounts only contained EV Code Signing and Code Signing products.
As part of the fix, we split up the EV and EV CS verified contact options. Now, when submitting an organization for EV CS – Code Signing Organization Extended Validation, you can submit the organization's verified contact for EV CS order approvals only. Similarly, when submitting an organization for EV – Extended Organization Validation (EV), you can submit the organization's verified contact for EV SSL certificate order approvals only.
Note: For EV code signing certificate orders, organizations and the organization's verified contacts need to be pre-validated. For more information about organization pre-validation, see our Submit an organization for pre-validation instructions.
We fixed a bug where some account admins were unable to view or edit the details of their CertCentral user accounts. Now, all account admins can once again view and edit user account details (email address, role, etc.).
To learn more about CertCentral, check out our short video How to Manage Your Entire Certificate Lifecycle in 60 Seconds—or Less.
In Discovery, we updated the Certificates page, adding a new action—Replace certificate—to the Actions dropdown. Now, from the Certificates page, you can replace any certificate with a DigiCert certificate regardless of issuing CA.
(In the sidebar menu, click Discovery > View Results. On the Certificates page, locate the Actions dropdown for the certificate you want to replace. Click Actions > Replace certificate.)
In Discovery, we updated the Certificates by rating widget on the Discovery dashboard, making it easier to see the security ratings for your public SSL/TLS certificates (in the sidebar menu, click Discovery > Discovery Dashboard).
As part of the update, we renamed the widget: Certificates analyzed by security rating. Then, we split the chart on the widget into two charts: Public and Others. Now, you can use the Public | Others toggle switch on the widget to select the chart you want to see.
The Certificates analyzed by security rating - Public chart displays the ratings for your public SSL/TLS certificates only. The Certificates analyzed by security rating - Other chart displays the rating for all your other SSL/TLS certificates (e.g., private SSL certificates).
Now, when you configure a scan for a hostname/FQDN, and the scan's endpoint results return IP addresses, we include the hostname/FQDN from the scan with the IP address.
Update note: The hostname update is available in the latest sensor version – 3.7.10. After the sensors updates are completed, rerun scans to see the hostname/IP address correlation on your scan results.
Benefits included with each Secure Site Pro certificate
Each Secure Site Pro certificate includes – at no extra cost – first access to premium feature such as the Post Quantum Cryptographic (PQC) toolkit.
Other benefits include:
To learn more about our Secure Site Pro certificates, see DigiCert Secure Site Pro.
To activate Secure Site Pro certificates for your CertCentral account, contact your account manager or our support team.
我們已新增新的工具到我們的 CertCentral 組合中—探索—提供您的整個 SSL/TLS 憑證全貌的即時分析。
「探索」是針對快速尋找您的所有面向內部和公用的 SSL/TLS 憑證而設計，與發行的憑證授權單位 (CA) 無關，「探索」找出憑證設定和實行的問題，以及您的端點設定中與憑證相關的漏洞或問題。
從您的 CertCentral 帳戶內部，集中設定和管理掃描。掃描結果顯示在 CertCentral 內部的直覺與互動式儀表板上。設定掃描執行一次，或在設定好的時程執行多次。
在 CertCentral 中可用的 Secure Site Pro TLS/SSL 憑證。使用 Secure Site Pro 依照網域向您收費，沒有基礎憑證費用。新增一個網域就收取一個的費用。需要九個網域時，就收取九個的費用。保護一份憑證上最多 250 個網域的安全。
我們提供兩種類型的 Secure Site Pro 憑證，一種適用於 OV 憑證，另一種適用於 EV 憑證。
每份 Secure Site Pro 憑證具有的優點
每份 Secure Site Pro 憑證都包括 – 無額外費用 – 先存取將來的其他進階功能到 CertCentral (例如 CT 記錄監控和驗證管理)。
若要啟用用於您的 CertCentral 帳戶的 Secure Site Pro 憑證，請聯絡您的帳戶管理員或我們的支援團隊。
若要瞭解更多有關我們的 Secure Site Pro 憑證的資訊，請參閱 DigiCert Secure Site Pro。
我們增強了我們的 RapidSSL DV 憑證方案，讓您可以在這些單一網域憑證中，納入第二個非常特定的網域。
我們增強了 RapidSSL 憑證端點以納入 dns_names 參數，讓您可以在這些單一網域憑證中，納入第二個非常特定的網域。
關於 DigiCert Services API 文件，請參閱 CertCentral API。
CertCentral 中提供可用的 Individual Document Signing 憑證：
若要啟用使用於您的 CertCentral 帳戶的 Document Signing 憑證，請聯絡您的銷售代表。
之前，僅可以使用 Organization Document Signing (組織文件簽署) 憑證。
若要瞭解更多有關這些憑證的資訊，請參閱 Document Signing 憑證。
RapidSSL 和 GeoTrust DV 憑證在 CertCentral 中可用：
DigiCert 進行其他公開可用的 CT 記錄 (Nessie)。Nessie 是新的、有高度使用彈性的高效能憑證透明度 (CT) 記錄。
此 CT 記錄由五個記錄所組成，根據憑證到期以增量為一年的速度分享。以下是 CT 記錄端點 URL 及其憑證到期範圍和憑證到期範圍。