在您決定是否將憑證記錄到 CT 記錄中之前,瞭解在絕大多數的情況中,在公用 CT 記錄中記錄您的憑證是正確選擇是一件重要的事。
但我們知道您可能有您不想要在 CT 記錄中公開的內部網域。這些網域可能被排除在 CT 記錄外。以下是協助您做出正確的 CT 記錄選擇的資訊。
如果憑證正保護公用網站,您應一律將其記錄在 CT 記錄中。
如果憑證正保護內部或私用網站,而且您有需要對品牌、隱私或網路安全性保密的組織和網域名稱,您可以選擇不記錄憑證。
缺點是大多數瀏覽器有 CT 記錄規定 (例如 Chrome、Safari 等),而且與您網站連線的任何人都將會看到不受信任的警告。因此,請確定您:
DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.
©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.