Skip to main content

Add an IP restriction for CertCentral

Use these instructions to add an IP restriction for CertCentral Enterprise, Partner, and Subscription accounts.

Before you begin

IP restrictions allow you to manage which IP addresses can access CertCentral, Guest URLs, and API keys. Once you've adding an IP restriction rule, you must access CertCentral from the IP addresses for which you have rules.

Be careful adding rules. An added rule takes effect immediately and restrict IP addresses outside the IP range. You can add and delete IP restriction rules. To update a rule, you must delete the existing one and add a new one.

Add an IP restriction rule

  1. In CertCentral, in the left menu, go to Settings > IP Restrictions.

  2. On the IP Restrictions page, under IP Address Restrictions, select On and then select Save.

  3. Select Add New Rule.

  4. On the New IP Restriction page, CertCentral displays the IP address you’re using to access CertCentral.

    If adding an "Account Wide" rule, make sure to include this IP address in your IP restriction rule.

  5. In the Restriction Type menu, select the restriction you’re adding the rule for.

    1. Account Wide and go to step 6.

    2. All Guest URLs and go to step 6.

    3. User and then in the menu, select the user whose access you want to restrict.

    4. API Key and then in the menu, select the API key’s access you want to restrict.

    5. Guest URL and then in the menu, select the Guest URL’s access you want to restrict.

  6. In the IP Range Start field, enter the IP address or the start of the IP address range for the IP restriction rule.

  7. In the IP Range End field, do one of the following:

    1. For a range of IP addresses, enter the end of the IP address range for the IP restriction rule.

    2. For a single IP address, enter the same IP address from the IP Range Start field.

  8. In the Description field, enter a description for the rule.

    DigiCert recommends adding a description that makes the rule easy to identify should you need to remove it if blocking legitimate CertCentral access.

  9. Once you're ready, select Add Rule.

    警告

    The added rule takes effect immediately and blocks user access from IP addresses not included in the specified IP range.

What’s next

Verify that the IP restriction rule provides the needed CertCentral access while blocking unwanted access. Be prepared to remove the rule immediately if you encounter issues. See our Delete an IP restriction rule for CertCentral instructions.

本节内容如下: