篩選依據: TLS 1.0 x 清除

七月 22, 2020

documentation api TLS 1.0 TLS 1.1 browsers DCV certcentral compliance Services API DV certificate issuance error messages CertCentral Partners Multi-year plan MyP
new

Multi-year Plans now available

We are happy to announce that Multi-year Plans are now available in CertCentral and CertCentral Partners.

DigiCert® Multi-year Plans allow you to pay a single discounted price for up to six years of SSL/TLS certificate coverage. With Multi-year Plans, you pick the SSL/TLS certificate, the duration of coverage you want (up to six years), and the certificate validity. Until the plan expires, you reissue your certificate at no cost each time it reaches the end of its validity period.

The maximum validity of an SSL/TLS certificate will go from 825 days to 397 days on September 1, 2020. When the active certificate for a Multi-year Plan is about to expire, you reissue the certificate to maintain your SSL/TLS coverage.

compliance

Browser support for TLS 1.0 and 1.1 has ended

The four major browsers no longer support Transport Layer Security (TLS) 1.0 and 1.1.

What you need to know

This change doesn't affect your DigiCert certificates. Your certificates continue to work as they always have.

This change affects browser-dependent services and applications relying on TLS 1.0 or 1.1. Now that browser support for TLS 1.0 and 1.1 has ended, any out-of-date systems will be unable to make HTTPS connections.

What you need to do

If you are affected by this change and your system supports more recent versions of the TLS protocol, upgrade your server configuration as soon as you can to TLS 1.2 or TLS 1.3.

If you do not upgrade to TLS 1.2 or 1.3, your webserver, system, or agent will not be able to use HTTPS to securely communicate with the certificate.

Browser TLS 1.0/1.1 deprecation information

Firefox 78, released June 30, 2020

Safari 13.1, released March 24, 2020

Chrome 84, released July 21, 2020

Edge v84, released 7/16/2020

Helpful resources

With so many unique systems relying on TLS, we can't cover all upgrade paths, but here are a few references that may help:

enhancement

CertCentral Services API: Updated error message documentation

In the Services API documentation, we've updated the Errors page to include descriptions for error messages related to:

  • Immediate DV certificate issuance
  • Domain control validation (DCV)
  • Certificate Authority Authorization (CAA) resource record checks

Earlier this year, we improved the APIs for DV certificate orders and DCV requests to provide more detailed error messages when DCV, file authorization, DNS lookups, or CAA resource record checks fail. Now, when you receive one of these error messages, check the Errors page for additional troubleshooting information.

For more information:

三月 31, 2020

browsers compliance TLS 1.0 TLS 1.1
compliance

瀏覽器結束支援 TLS 1.0 和 1.1

在 2020 年,四款主流瀏覽器結束支援 Transport Layer Security (運輸層安全性,TLS) 1.0 和 1.1。

此變更不會影響您 DigiCert 憑證。您的憑證將一如以往持續運作。

您需要知道的事項

此變更影響依賴瀏覽器的服務和依賴 TLS 1.0 或 1.1 的應用程式。瀏覽器的 TLS 1.0 或 1.1 支援一結束時,這些過期的系統將無法進行 HTTPS 連線。

您需要做的事項

如果您受到此變更影響,計畫立刻啟用或升級到 TLS 1.2 或 TLS 1.3。給您自己處理任何問題的前置時間。在您開始前,請確定找出所有可能使用 TLS 1.0 或 1.1 的系統。

記得檢查 Apache 或 Microsoft IIS 等網頁伺服器、.NET Framework、伺服器監控代理程式、以及其他可能使用的商業應用程式。

實用資源

由於有如此多不同類型的系統依賴 TLS,因此我們無法涵蓋所有可用的升級路徑,但在此有些可能有幫助的參考:

關於

DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.

©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.