十二月 31, 2022
DIGICERT 2022 MAINTENANCE SCHEDULE
To make it easier to plan your certificate-related tasks, we scheduled our 2022 maintenance windows in advance. See DigiCert 2022 scheduled maintenance—this page is kept up to date with all maintenance schedule information.
With customers worldwide, we understand there is not a "best time" for everyone. However, after reviewing the data on customer usage, we selected times that would impact the fewest amount of our customers.
About our maintenance schedule
- Maintenance is scheduled for the first weekend of each month unless otherwise noted.
- Each maintenance window is scheduled for 2 hours.
- Although we have redundancies in place to protect your service, some DigiCert services may be unavailable.
- All normal operations will resume once maintenance is completed.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
If you need more information regarding these maintenance windows, contact your account manager or DigiCert support team.
二月 12, 2022
Expanding Range of IP Addresses Used for DigiCert Services
As part of our scheduled maintenance on February 12, 2022, 22:00 – 24:00 MST (February 13, 2022, 05:00 - 07:00 UTC), DigiCert is expanding the range of IP addresses we use for our services. These additional IP addresses are part of our efforts to increase service uptime and reduce the need for service downtime during scheduled maintenance.
What do I need to do?
If your company uses allowlists*, update them to include the block of IP addresses listed below by February 12, 2022, to keep your DigiCert services and API integrations running as expected.
*Note: Allowlists are lists for firewalls that only allow specified IP addresses to perform certain tasks or connect to your system.
Additional IP addresses
Add this range of IP addresses to your allowlist: 216.168.240.0/20
Note: We are not replacing or removing any IP addresses. We are only expanding the range of IP Addresses we use to deliver our services.
Affected Services:
- CertCentral/Services API
- ACME
- Discovery/API
- Discovery sensor firewall settings
- ACME Automation/API
- Certificate Issuing Service (CIS)
- Simple Certificate Enrollment Protocol (SCEP)
- API access URL
- Direct Cert Portal/API
- DigiCert website
- Validation services
- PKI Platform 8
- PKI Platform 7 (Japan and Australia)
- QuoVadis TrustLink
- DigiCert ONE
- Account Manager
- CA Manager
- IoT Device Manager
- Document Signing Manager
- Secure Software Manager
- Enterprise PKI Manager
- Automation Manager
For easy reference, see our knowledgebase article, Expanding Range of IP Addresses for DigiCert Services. If you have questions, please contact your account manager or DigiCert Support.
一月 8, 2022
Upcoming Scheduled Maintenance
DigiCert will perform scheduled maintenance on January 8, 2022, between 22:00 – 24:00 MST (January 9, 2022, between 05:00 – 07:00 UTC). Although we have redundancies to protect your service, some DigiCert services may be unavailable during this time.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- If you use the APIs for immediate certificate issuance and automated tasks, expect interruptions.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2022 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
十二月 31, 2021
若要讓規劃您的憑證相關工作變得更容易,我們預先排程我們的 2021 維護視窗。請參閱 DigiCert 2021 排程的維護 — 此頁面有最新的所有維護時程表資訊。
我們在全世界都有客戶,因此理解沒有對每個人的最佳時間。但在檢閱與客戶使用有關的資料後,我們選擇了會影響我們最少客戶量的時段。
關於我們的維護時程表
- 除非另有說明,否則維護的時間安排在每個月的第一個周末。
- 每個維護視窗都排程 2 個小時。
- 雖然我們有保護您的服務的適當備援,但有些 DigiCert 服務仍可能無法使用。
- 一完成維護時,即繼續所有一般操作。
如果您需要更多有關這些維護時段的資訊,請聯絡您的帳戶管理器或 DigiCert 支援團隊。若要取得即時更新,請訂閱 DigiCert 狀態頁面。
十二月 4, 2021
Upcoming Scheduled Maintenance
DigiCert will perform scheduled maintenance on December 4, 2021, between 22:00 – 24:00 MST (December 5, 2021, between 05:00 – 07:00 UTC). Although we have redundancies to protect your service, some DigiCert services may be unavailable during this time.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
十一月 6, 2021
Upcoming Schedule Maintenance
DigiCert will perform scheduled maintenance on November 6, 2021, between 22:00 – 24:00 MDT (November 7, 2021, between 04:00 – 06:00 UTC).
CertCentral infrastructure-related maintenance downtime
We will start this infrastructure-related maintenance between 22:00 and 22:10 MDT (04:00 and 04:10 UTC). Then, for approximately 30 minutes, the following services will be down:
DV certificate issuance for CertCentral, ACME, and ACME agent automation
- DV certificate requests submitted during this time will fail
- APIs will return a "cannot connect" error
- Failed requests should be resubmitted after services are restored
CIS and SCEP
- Certificate Issuing Service (CIS) will be down
- Simple Certificate Enrollment Protocol (SCEP) will be down
- DigiCert will be unable to issue certificates for CIS and SCEP
- APIs will return a "cannot connect" error
- Requests that return "cannot connect" errors should be resubmitted after services are restore
QuoVadis TrustLink certificate issuance
- TrustLink certificate requests submitted during this time will fail
- However, failed requests will be added to a queue for processing later
- Queued-up requests will be processed after services are restored, as required
This maintenance only affects DV certificate issuance, CIS, SCEP, and TrustLink certificate issuance. It does not affect any other DigiCert platforms or services .
PKI Platform 8 maintenance
We will start the PKI Platform 8 maintenance at 22:00 MDT (04:00 UTC). Then, for approximately 30 minutes, the PKI Platform 8 will experience service delays and performance degradation that affect:
- Signing in and using your PKI Platform 8 to perform in-console certificate lifecycle tasks.
- Using any of your PKI Platform 8 corresponding APIs or protocols (for example, SOAP, REST, SCEP, and EST) to perform certificate lifecycle operations.
- Performing certificate lifecycle tasks/operations:
- Enrolling certificates: new, renew, or reissues
- Adding domains and organizations
- Submitting validation requests
- Viewing reports, revoking certificates, and creating profiles
- Adding users, viewing certificates, and downloading certificates
- Certificate issuance for PKI Platform 8 and its corresponding API.
Additionally:
- APIs will return a "cannot connect" error.
- Certificate enrollments that receive "cannot connect" errors must be resubmitted after DigiCert restores services.
The PKI Platform 8 maintenance only affects PKI Platform 8. It does not affect any other DigiCert platforms or services.
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
十月 2, 2021
Upcoming Schedule Maintenance
On October 2, 2021, between 22:00 – 24:00 MDT (October 3, 2021, between 04:00 – 06:00 UTC), DigiCert will perform scheduled maintenance.
CertCentral, CIS, SCEP, Direct Cert Portal, and DigiCert ONE maintenance
DigiCert will perform scheduled maintenance. Although we have redundancies to protect your service, some DigiCert services may be unavailable during this time.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
PKI Platform 8 maintenance and downtime:
DigiCert will perform scheduled maintenance on PKI Platform 8. During this time, the PKI Platform 8 and its corresponding APIs will be down for approximately 20 minutes.
We will start the PKI Platform 8 maintenance at 22:00 MDT (04:00 UTC).
Then, for approximately 20 minutes:
- You will be unable to sign in and use your PKI Platform 8 to perform in-console certificate lifecycle tasks.
- You will be unable to use any of your PKI Platform 8 corresponding APIs or protocols (for example, SOAP, REST, SCEP, and EST) to perform certificate lifecycle operations.
- You will be unable to:
- Enroll certificates: new, renew, or reissues
- Add domains and organizations
- Submit validation requests
- View reports, revoke certificates, and create profiles
- Add users, view certificates, and download certificates
- DigiCert will be unable to issue certificates for PKI Platform 8 and its corresponding API.
- APIs will return a "cannot connect" error.
- Certificate enrollments that receive "cannot connect" errors must be resubmitted after DigiCert restores services.
The PKI Platform 8 maintenance only affects PKI Platform 8. It does not affect any other DigiCert platforms or services.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
九月 11, 2021
Upcoming Schedule Maintenance
On September 11, 2021, between 22:00 – 24:00 MDT (September 12, 2021, between 04:00 – 06:00 UTC), DigiCert will perform scheduled maintenance.
CertCentral, CIS, SCEP, Direct Cert Portal, and DigiCert ONE maintenance
DigiCert will perform scheduled maintenance. Although we have redundancies to protect your service, some DigiCert services may be unavailable during this time.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
PKI Platform 8 maintenance and downtime:
DigiCert will perform scheduled maintenance on PKI Platform 8. During this time, the PKI Platform 8 and its corresponding APIs will be down for approximately 60 minutes.
We will start the PKI Platform 8 maintenance at 22:00 MDT (04:00 UTC).
Then, for approximately 60 minutes:
- You will be unable to sign in and use your PKI Platform 8 to perform in-console certificate lifecycle tasks.
- You will be unable to use any of your PKI Platform 8 corresponding APIs or protocols (for example, SOAP, REST, SCEP, and EST) to perform certificate lifecycle operations.
- You will be unable to:
- Enroll certificates: new, renew, or reissues
- Add domains and organizations
- Submit validation requests
- View reports, revoke certificates, and create profiles
- Add users, view certificates, and download certificates
- DigiCert will be unable to issue certificates for PKI Platform 8 and its corresponding API.
- APIs will return a "cannot connect" error.
- Certificate enrollments that receive "cannot connect" errors must be resubmitted after DigiCert restores services.
The PKI Platform 8 maintenance only affects PKI Platform 8. It does not affect any other DigiCert platforms or services.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance begins and when it ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete our maintenance.
八月 7, 2021
Upcoming Schedule Maintenance
On August 7, 2021, between 22:00 – 24:00 MDT (August 8, 2021, between 04:00 – 06:00 UTC), DigiCert will perform scheduled maintenance. Although we have redundancies to protect your service, some DigiCert services may be unavailable during this time.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance starts and when maintenance ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
七月 10, 2021
Upcoming schedule maintenance
On July 10, 2021, between 22:00 – 24:00 MDT (July 11, 2021, between 04:00 – 06:00 UTC), DigiCert will perform scheduled maintenance.
During maintenance, for approximately 60 minutes, the services specified below under Service downtime will be down. Due to the scope of the maintenance, the services specified below under Service interruptions may experience brief interruptions during a 10-minute window.
Service downtime
From 22:00 – 23:00 MDT (04:00 – 05:00 UTC), while we perform database-related maintenance, the following services will be down for up to 60 minutes:
- CertCentral / Services API
- Direct Cert Portal / API
- ACME
- Discovery / API
- ACME agent automation / API
API Note: Affected APIs will return “cannot connect” errors. Certificate-related API requests that return a “cannot connect” error message during this window will need to be placed again after services are restored.
Service interruptions
During a 10-minute window, while we perform infrastructure maintenance, the following DigiCert service may experience brief service interruptions:
- Certificate Issuing Service (CIS)
- Simple Certificate Enrollment Protocol (SCEP)
- DigiCert ONE
- Automation service
- CT Log monitoring
- Vulnerability assessment
- PCI compliance scans
Services not affected
These services are not affected by the maintenance activities:
- PKI Platform 8
- PKI Platform 7
- QuoVadis TrustLink
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance starts and when maintenance ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as the maintenance is completed.
四月 3, 2021
Upcoming scheduled maintenance
On April 3, 2021, between 22:00 – 24:00 MDT (April 4, 2021, between 04:00 – 06:00 UTC), DigiCert will perform scheduled maintenance.
During maintenance, for up to 10 minutes, we will be unable to issue certificates for the DigiCert platforms, their corresponding APIs, immediate certificate issuance, and those using the APIs for other automated tasks.
Affected services
For approximately 10 minutes, DigiCert will be unable to issue certificates for these services and APIs:
- CertCentral / Service API
- ACME
- ACME agent automation / API
- Direct Cert Portal / API
- Certificate Issuing Service (CIS)
- Simple Certificate Enrollment Protocol (SCEP)
- QuoVadis TrustLink
Services not affected
These services are not affected by the maintenance activities:
- PKI Platform 8 / API
- PKI Platform 8 SCEP
- PKI Platform 7 / API
- PKI Platform 7 SCEP
- DigiCert ONE managers
API note:
- APIs will return "cannot connect" errors.
- Certificate requests submitted during this window that receive a "cannot connect" error message will need to be placed again after services are restored.
What can I do?
Plan accordingly:
- Schedule high-priority orders, renewals, and reissues before or after the maintenance window.
- Expect interruptions if you use the APIs for immediate certificate issuance and automated tasks.
- To get live maintenance updates, subscribe to the DigiCert Status page. This subscription includes email alerts for when maintenance starts and when maintenance ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as we complete the maintenance.
三月 6, 2021
Upcoming scheduled maintenance
On March 6, 2021, between 22:00 – 24:00 MST (March 7, 2021, between 05:00 – 07:00 UTC), DigiCert will perform scheduled maintenance.
Although we have redundancies in place to protect your service, some DigiCert services may be unavailable during this time.
What can you do?
Please plan accordingly.
- Schedule your high-priority orders, renewals, and reissues around the maintenance window.
- To get live maintenance updates, subscribe to the DigiCert Status page. The subscription includes emails to let you know when maintenance starts and ends.
- For scheduled maintenance dates and times, see DigiCert 2021 scheduled maintenance.
Services will be restored as soon as the maintenance is completed.
二月 6, 2021
即將到來的排程維護
在 2021 年 2 月 6 日 22:00 到 24:00 MST (2021 年 2 月 7 日 05:00 到 07:00 UTC),DigiCert 將執行重大維護。
在維護期間,以下所列服務將關閉約 60 分鐘。由於正在執行的工作範圍的緣故,在兩個小時的維護時段內可能會有其他服務中斷。
您將無法登入這些平台和存取這些服務與 API:
- CertCentral / Service API
- Direct Cert Portal / Direct Cert Portal API
- 憑證發行服務 (CIS)
- 單一憑證註冊通訊協議 (SCEP)
- Discovery/API
- ACME
- ACME 代理程式自動化/API
DigiCert 將無法發行用於這些服務和 API 的憑證:
- CertCentral / Services API
- Direct Cert Portal / Direct Cert Portal API
- 憑證發行服務 (CIS)
- 單一憑證註冊通訊協議 (SCEP)
- 完整網站安全性(CWS)/API
- Managed PKI for SSL (MSSL)/API
- QV Trust 連結
這些服務不受維護活動的影響:
- PKI Platform 8
- PKI Platform 7
- DigiCert ONE 管理員
API 備註:
- 處理憑證相關交易的服務將無法使用,例如要求憑證、新增網域和驗證要求等。
- API 將傳回“無法連線”錯誤。
- 在此收到"無法連線"錯誤訊息的時段所做的憑證要求在服務還原後需要重新進行。
我可以做什麼?
訂出相應計畫:
- 安排與維護時段有關的高優先順序訂單、續訂和重新發行的時間。
- 預期在您使用 API 進行立刻發行憑證和自動化工作時中斷。
- 若要取得即時更新,請訂閱 DigiCert 狀態 頁面。
- 請參閱 DigiCert 2021 排程的維護或排程的維護日期和時間。
服務將在維護完成時盡快還原。
一月 9, 2021
即將到來的排程維護
2020 年 1 月 9 日 22:00 到 24:00 MST (2021 年 1 月 10 日 05:00 到 07:00 UTC),DigiCert 將執行排程的維護。
雖然我們有保護您的服務的適當備援,但有些 DigiCert 服務在這段時間內仍可能無法使用。
您可以做什麼?
請訂出相應計畫。
- 安排維護時段外的高優先順序訂單、續訂、重新發行和複本發行的時間。
- 若要取得即時更新,請訂閱 DigiCert 狀態頁面。
- 關於排程的維護日期和時間,請參閱 DigiCert 2021 排程的維護。
服務將在維護完成時盡快還原。
十二月 6, 2020
排程的維護
2020 年 12 月 6 日 08:00 到 10:00 UTC,DigiCert 將執行排程的維護。
這如何影響我?
在維護期間,使用這些服務和 API 可能受到影響:
- CertCentral / Services API
- Direct Cert Portal / Direct Cert Portal API
- 憑證發行服務 (CIS)
- 單一憑證註冊通訊協議 (SCEP)
- Discovery/API
- ACME
- ACME 代理程式自動化/API
此外,這些服務和 API 的憑證發行可能受到影響:
- CertCentral / Services API
- Direct Cert Portal / Direct Cert Portal API
- 憑證發行服務 (CIS)
- 單一憑證註冊通訊協議 (SCEP)
- 完整網站安全性(CWS)/API
- Managed PKI for SSL (MSSL)/API
- PKI Platform 7/PKI Platform 8
- QV Trust 連結
我可以做什麼?
訂出相應計畫。
- 安排維護時段外的高優先順序訂單、續訂、重新發行和複本發行的時間。
- 如果您使用用於立刻發行憑證和自動化工作的 API,預期在此段時間內會中斷。
服務將在維護完成時盡快還原。
- 關於排程的維護日期和時間,請參閱 DigiCert 2020 排程的維護。
- 若要取得即時更新,請訂閱 DigiCert 狀態 頁面。
八月 21, 2020
四月 23, 2020
「探索」現在在所有 CertCentral 帳戶中都可使用
我們很榮幸宣佈,現在所有現有的 CertCentral 帳戶都納入了「探索」功能,這是我們最新和最強固的憑證探索工具。
註:對於那些曾使用 Certificate Inspector 者,「探索」取代了我們長期以來的 DigiCert 工具 -Certificate Inspector。
根據預設值,「探索」包括雲端掃描和感應器掃描試驗與 100 份憑證限制。
雲端掃描
雲端掃描使用基於雲端的感應器,因此沒有任何內容要安裝或管理。您可以立刻開始掃描,以尋找您所有面向公眾的 SSL/TLS 憑證,無論發行憑證授權機關 (CA) 為何。雲端掃描每 24 小時執行一次。
感應器掃描
感應器掃描是我們最強固的「探索」版本。此版本使用感應器掃描您的網路以快速尋找 您所有的內部和面向公眾的 SSL/TLS 憑證,無論發行憑證授權單位 (CA) 為何。「探索」也尋找憑證設定和實行中的問題,以及您的端點設定中的憑證相關漏洞或問題。
從您的 CertCentral 帳戶內部,集中設定和管理掃描。掃描結果顯示在 CertCentral 內部的直覺與互動式控制面板上。設定掃描執行一次,或在設定好的時程執行多次。
探索語言支援
隨著我們致力於全球化我們的產品提供,並且讓我們的網站、平台和文件更容易取得,我們很榮幸宣佈我們已新增語言支援到 CertCentral 的「探索」中。
現在,在 CertCentral 中設定您的語言喜好設定時,將「探索」納入組態中。
設定您的語言喜好
在您帳戶右上角的"您的姓名"下拉清單中,選擇我的設定檔。在設定檔設定頁面的語言下拉清單中,選擇其中一種語言,然後按儲存變更。
請參閱 CertCentral 語言喜好設定。
漏洞修復:DV 憑證訂單未遵守「提交基本網域進行驗證」帳戶設定
我們修復了 DV 憑證網域控制驗證 (DCV) 程序中的漏洞,其中的 DV 憑證訂單未遵守提交基本網域進行驗證帳戶設定。
註:關於 DV 憑證訂單,您必須驗證網域名稱是否和訂單中的命名完全相同。
現在,DV 憑證訂單遵照提交基本網域進行驗證帳戶設定,允許您在您的 DV 憑證訂單上的基本網域層級驗證您的子網域。
若要檢視您帳戶中的「網域驗證範圍」設定,請前往設定 > 喜好設定.在「分部喜好設定」頁面上,展開+進階設定。網域驗證範圍設定在網域控制驗證 (DCV) 區段中。
一月 22, 2020
探索:找到的憑證續訂通知的帳戶設定
在「探索』中,我們新增了新的帳戶設定開啟找到的憑證續訂通知,,讓您可以接收您將到期的"找到的" SSL/TLS 憑證的續訂通知。這些續訂通知包括續訂您和和我們的 SSL/TLS 憑證的選項。在 CertCentral 續訂"找到的" SSL/TLS 憑證,我們將用同等的 DigiCert 憑證將其取代。
根據預設值,CertCentral 帳戶的找到的憑證的續訂通知關閉*。若要開始接收您即將到期的找到的憑證的續訂通知,請前往 設定 > 喜好設定.在憑證續訂設定區段下,勾選開啟找到的憑證續訂通知。
*註:推出此設設定後,您可能需要重新開啟您帳戶的「探索」續訂通知。
若要瞭解更多,請參閱探索續訂通知。
十二月 10, 2019
探索雲端掃描服務
我們新增了新功能到「探索」中 — 雲端掃描服務 — 使用基於雲端的感應器尋找您面向公眾的 SSL/TLS 憑證,無論發行憑證授權機關 (CA) 為何。
「探索雲端掃描」是免費的雲端服務,因此沒有任何內容要安裝或管理。您可以立刻開始掃描以尋找您的公用 SSL/TLS 憑證。您可以執行的基於雲端的掃描次數沒有限制。
雲端掃描設定每 24 小時執行一次,並且使用最新儲存的掃描設定。雲端掃描提供與找到的憑證和安裝那些憑證所在的端點有關的詳細資料。
註:這是雲端掃描服務的開放式測試。
若要在左側的主功能表中開始,請前往探索 > 管理探索。在「管理掃描」頁面上,按一下單次雲端掃描。若要瞭解更多,請參閱探索雲端掃描服務。
十一月 21, 2019
探索:適用於非 DigiCert SSL/TLS 憑證的續訂通知
在「探索」,我們新增了用於 DigiCert 憑證的續訂通知功能,讓在同一個位置 — CertCentral 管理您所有的 SSL/TLS 憑證變得更加容易。現在,當「探索」尋找非 DigiCert 憑證時,我們將傳送用於這些憑證的通知,無論發行憑證授權機關 (CA) 為何。
註:在 CertCentral 續訂找到的非 DigiCert SSL/TLS 憑證時,我們將用同等的 DigiCert 憑證將其取代。例如,我們以非 DigiCert 單一網域 SSL 憑證取代 DigiCert 單一網域 SSL 憑證。
誰會收到這些續訂通知?
根據預設值,「探索」傳送非 DigiCert SSL/TLS 憑證的續訂通知到主要 CertCentral 系統管理,此為建立帳戶和接收所有帳戶通知的個體。
我們也會傳送續訂通知給任何其他指派的電郵地址以接收帳戶通知。請參閱設定帳戶電郵通知和憑證續訂通知。
何時傳送這些續訂通知?
「探索」使用您的 CertCentral 續訂通知設定,決定在何時傳送非 DigiCert 憑證的續訂通知。根據預設值,CertCentral 在憑證到期前的 90、60、30、7 和 3 天,以及憑證到期後的 7 天傳送續訂通知。
若要續訂您的續訂通知時程表,請參閱憑證續訂通知。
十一月 8, 2019
我們很榮幸宣佈「DigiCert 開發人員」入口網站的新增功能 — Discovery API.我們剛發佈了我們的第一組 Discovery API 端點。後續還有更多,我們持續建立 Discovery API 文件。
為什麼要使用?
- 存取 Discovery 功能不需要登入您的 CertCentral 帳戶。
- 客製化 Discovery 體驗以符合您組織的需求。
- 與您現有的工具整合。
您可以立刻開始使用的範例端點:
要訣與提示
- Discovery API 使用此基礎 URL:
https://daas.digicert.com/apicontroller/v1/ - Discovery API 要求系統管理員或管理員層級權限。
十月 28, 2019
在「探索」,我們新增了新功能 — 新增根和中介 CA — 讓您上傳公用和私密根與中介 CA。使用此功能取得憑證的更準確安全憑證。
如果「探索」找不到用於憑證的根和中介 CA,則會將憑證的安全評級降級。透過上傳一份憑證的中介和根 CA,下次「探索」執行包括該憑證的掃描時,您將得到更精準的評級。
註:支援的憑證格式:.der 和 .cer
在 CertCentral 的左側主功能表中,按一下探索 > 管理探索。在「管理掃描」頁面的更多行動下拉清單中,按一下管理根和中介 CA。請參閱我們的「探索使用指南」中的新增公用和私密根與中介 CA。
在「探索」中,我們新增了新的黑名單功能,讓您可以從您的掃描結果中排除特定的 IP 位址和 FQDN。例如,您可能想要在您的 CDN 網路中將網域加入黑名單。
註:當您將 IP 位址或 FQDN 加入黑名單時,其資料也會從所有將來的帳戶「探索」掃描中排除。此功能不會從現有的掃描結果中移除資訊。
在 CertCentral 的左側主功能表中,按一下探索 > 管理探索。在「管理掃描」頁面的更多行動下拉清單中,按一下管理黑名單。請參閱我們的「探索使用指南」中的將 IP 位和 FQDN 加入黑名單。
七月 17, 2019
在「探索』中,我們新增了掃描設定的密碼套件選項到掃描設定中,讓您查看在伺服器上啟用的密碼套件。新增或編輯掃描時,此選項在您選擇選擇要掃描的內容時位於設定區段中。請參閱設定和執行掃描或編輯掃描。
一完成您的掃描時,密碼套件資訊即列在伺服器詳細資料區段的伺服器詳細資料頁面上。(在資訊看板功能表中,按一下探索 > 檢視結果。在「憑證」頁面上,按一下檢視端點。在「端點」頁面上,按一下端點的 IP 位址/FQDN 連結。然後在「伺服器詳細資料」頁面上的「伺服器詳細資料」區段中,按一下「密碼檢視」連結。)
更新注意事項:在最新版 - 3.7.7 的感應器中可使用新的掃描設定的密碼套件選項。在完成感應器更新後,編輯掃描設定、,選擇選擇要掃描的內容、,勾選掃描設定的密碼套件,,然後重新執行掃描。
七月 16, 2019
在「探索」中,我們更新了適用於 Strict-Transport-Security (STS) 安全標題的等級系統。現在,我們僅檢查 HTTP 200 要求並忽略 HTTP 301 要求的 STS。我們僅在網站缺少 Strict-Transport-Security (STS) 安全標題或設定錯誤時處罰伺服器。在這些情況中,我們將伺服器評級為"面臨風險"。
之前,我們檢杳 HTTP 301 要求的 STS,並在缺少 Strict-Transport-Security (STS) 安全標題時處罰伺服器。在這些情況中,我們將伺服器評級為"不安全"。
若要檢視安全標題結果,請前往端點的「伺服器詳細資料」頁面。在資訊看板功能表中,按一下探索 > 檢視結果。在「憑證」頁面上,按一下檢視端點。在「端點」頁面上,按一下端點的 IP 位址/FQDN 連結。
更新注意事項:在最新版 - 3.7.7 的感應器中可使用更新的 STS 評級系統。完成感應器更新後,重新執行您的掃描以查看您的更新的 STS 等級。
七月 2, 2019
我們改良了與 CertCentral 整合的 SAML 單一登入 (SSO) 的使用者邀請工作流程,讓您可以在傳送您的帳戶使用者邀請前,指定受邀者為僅限 SSO 使用者。現在,在邀請新使用者彈出視窗中,使用僅 SAML 單一登入 (SSO) 選項限制到僅 SAML SSO 的受邀者。
註:此選項停用這使用者的所有其他身份驗證方法。此外,此選項僅在您已對您的 CertCentral 帳戶啟用 SAML 時出現。
(在資訊看板功能表中,按一下帳戶 > 使用者邀請。在「使用者邀請」頁面上,按一下邀請新使用者。請參閱 SAML SSO:邀請使用者加入您的帳戶。)
簡化的註冊表
我們也簡化了僅 SSO 使用者註冊表,移除密碼和安全問題要求。現在,僅 SSO 受邀者需要只新增他們的個人資料。
我們讓從您帳戶中的 CertCentral 控制面板查看您的「探索」憑證掃描結果變得更加容易,新增探索即將到期的憑證、,憑證發行者,和依等級分析的憑證小工具。
每個小工具都包含一個互動圖表,允許您深入研究以輕鬆尋找更多與即將到期的憑證 (例如哪一份憑證將在 8 到 15 內到期)、依發行 CA (例如 DigiCert) 的憑證和依安全評級的憑證 (例如不安全) 有關的資訊。
更多有關探索的資訊
「探索」使用感應器掃描您的網路。從您的 CertCentral 帳戶內部,集中設定和管理掃描。
- 若要啟用您的 CertCentral 帳戶的「探索」,請聯絡您的帳戶管理器或我們的支援團隊。
- 如需有關讓「探索」啟用和執行的資訊,請參閱探索:安裝感應器並執行掃描。
在 DigiCert Services API 中,我們更新了訂單資訊端點,讓您可以查看如何要求憑證。關於透過 Services API 或 ACME Directory URL 要求的憑證,我們會傳回一個新的回應參數:api_key. 此參數包括密鑰名稱與密鑰類型:API 或 ACME。
註:關於透過其他方法 (例如 CertCentral 帳戶、訪客要求 URL 等) 要求的訂單,從回應中省略 api_key 參數。
現在,在檢視訂單詳細資料時,您將會看到用於透過 API 或 ACME Directory URL 要求的訂單的回應中的新 api_key 參數。
取得 https://dev.digicert.com/services-api/order/certificate/{order_id}
回應:
我們新增了新的搜尋篩選器 – 要求方式 – 透過「訂單」頁面,允許您搜尋透過特定的 API 密鑰或 ACME Directory URL 要求的憑證訂單。
現在,在「訂單」頁面上,使用要求方式篩選器,透過特定的 API 密鑰或 ACME Directory URL 要求尋找要求的啟用、到期、已撤銷、已拒絕、擱置的重新發行、擱置的和重複的憑證。
(在資訊看板功能表中,按一下憑證 > 訂單。在「訂單」頁面上,按一下顯示進階搜尋。然後在要求方式下拉清單中,選擇 API 密鑰或 ACME Directory URL 名稱,或在方塊中輸入其名稱。)
五月 24, 2019
我們已新增新的工具到我們的 CertCentral 組合中—探索—提供您的整個 SSL/TLS 憑證全貌的即時分析。
「探索」是針對快速尋找您的所有面向內部和公眾的 SSL/TLS 憑證而設計,與發行的憑證授權單位 (CA) 無關,「探索」找出憑證設定和實行的問題,以及您的端點設定中與憑證相關的漏洞或問題。
註:「探索」使用感應器掃描您的網路。感應器是安裝在策略位置的小型軟體應用程式。每次掃描都連結一個感應器。
從您的 CertCentral 帳戶內部,集中設定和管理掃描。掃描結果顯示在 CertCentral 內部的直覺與互動式控制面板上。設定掃描執行一次,或在設定好的時程執行多次。
- 若要啟用您的 CertCentral 帳戶的「探索」,請聯絡您的帳戶管理器或我們的支援團隊。
- 如需有關讓「探索」啟用和執行的資訊,請參閱探索:安裝感應器並執行掃描。