篩選依據: domains x 清除
new

CertCentral Services API: Domain locking API endpoints

DigiCert is happy to announce our domain locking feature is now available in the CertCentral Services API.

Note: Before you can use the domain locking endpoints, you must first enable domain locking for your CertCentral account. See Domain locking  – Enable domain locking for your account.

New API endpoints

Updated API endpoints

We updated the response for the Domain info and List domains endpoints to include the following parameters with domain lock details:

  • domain_locking_status (string)
    Domain lock status. Only returned if domain locking is enabled for the account.
  • account_token (string)
    Domain lock account token. Only returned if domain locking is enabled for the account, and if domain locking has been activated for the domain at least once.

To learn more, see:

new

CertCentral: Domain locking is now available

DigiCert is happy to announce our domain locking feature is now available.

Does your company have more than one CertCentral account? Do you need to control which of your accounts can order certificates for specific company domains?

Domain locking allows you to control which of your CertCentral accounts can order certificates for your domains.

How does domain locking work?

DNS Certification Authority Authorization (CAA) resource records allow you to control which certificate authorities can issue certificates for your domains.

With domain locking, you can use this same CAA resource record to control which of your company's CertCentral accounts can order certificates for your domains.

How do I lock a domain?

To lock a domain:

  1. Enable domain locking for your account.
  2. Set up domain locking for a domain.
  3. Add the domain's unique verification token to the domain's DNS CAA resource record.
  4. Check the CAA record for the unique verification token.

To learn more, see:

new

End of life for account upgrades from Symantec, GeoTrust, Thawte or RapidSSL to CertCentral™

From April 5, 2022, MDT, you can no longer upgrade your Symantec, GeoTrust, Thawte, or RapidSSL account to CertCentral™.

If you haven't already moved to DigiCert CertCentral, upgrade now to maintain website security and have continued access to your certificates.

Note: During 2020, DigiCert discontinued all Symantec, GeoTrust, Thawte, RapidSSL admin consoles, enrollment services, and API services.

How do I upgrade my account?

To upgrade your account, contact DigiCert Support immediately. For more information about the account upgrade process, see Upgrade from Symantec, GeoTrust, Thawte, or RapidSSL.

What happens if I don't upgrade my account to CertCentral?

After April 5, 2022, you must get a new CertCentral account and manually add all account information, such as domains and organizations. In addition, you won't be able to migrate any of your active certificates to your new account.

For help setting up your new CertCentral account after April 5, 2022, contact DigiCert Support.

enhancement

CertCentral Services API: Improved List domains endpoint response

To make it easier to find information about the domain control validation (DCV) status for domains in your CertCentral account, we added these response parameters to domain objects in the List domains API response:

  • dcv_approval_datetime: Completion date and time of the most recent DCV check for the domain.
  • last_submitted_datetime: Date and time the domain was last submitted for validation.

For more information, see the reference documentation for the List domains endpoint.

fix

We updated the behavior for products that can use wildcard domain names and fully qualified domain names (FQDNs) in a certificate. After August 23, 2021 certificates including the wildcard domain name will only secure the FQDN and all of its same-level domain names without charge.

Subject Alternative Names (SANs) that are not at the same level as the wildcard domain name will be considered additional to the wildcard coverage. For example, a wildcard certificate for *.digicert.com will only allow FQDNs like one.digicert.com, two.digicert.com, and three.digicert.com to be included as SANs in the certificate without charge.

new

CertCentral Services API:新的子帳戶端點

為了讓管理您的子帳戶變得更加容易,我們新增了兩個新端點到 CertCentral Services API 中:列出子帳戶網域列出子帳戶組織

new

舊帳戶升級 2.0

我們很榮幸宣佈在升級您的舊主控台至 CertCentral 時,資料移轉現在包含已驗證的網域和使用中的公用 SSL/TLS 憑證。請參閱您需要知道的與帳戶資料移轉有關的事項

推出此產品後,我們開始我們的舊主控台升級至 CertCentral 的階段。升級條件取決於公司尺寸、貨幣喜好和功能使用。

註:CertCentral 升級免費。如果您對立刻升級感興趣,請聯絡您的帳戶管理器或我們的支援團隊

如果您的舊帳戶符合第一階段條件,當您登入您的主控台時,您會看到升級至 CertCentral 的選項。升級時,我們會將您的組織和已驗證的網域移轉到您的 CertCentral 帳戶。然後在就緒時,您可以匯入您使用中的公用 SSL/TLS 憑證。

如需更多有關升級至 CertCentral 和資料移轉的資訊,請參閱我們的升級至 CertCentral 指南

其他類型的憑證

此時無法匯入 Private SSL、代碼簽署、S/Mime 和其他類型的憑證。Private SSL/TLS 和非 SSL/TLS 憑證將是個別的移轉努力的一部份。