Complete Website Security 4.5 and Managed PKI for SSL are live on May 8!
- Quickly replace certs at risk of Google Chrome distrust – In certificate management views and search results, admins can replace legacy Symantec certs with just a couple of clicks. The replacement request uses the previous CSR to generate the replacement cert.
- Identify Symantec certs at risk of Google Chrome distrust – Managed PKI for SSL reports now include the intermediate CA info so you can find your legacy Symantec-issued certs. Already available in Complete Website Security.
- Enter new challenge phrase on certificate replace - In the CWS console, the standard cert replacement process previously asked for the last challenge phrase. Now the admin only needs to enter a new challenge phrase for the replacement cert. Since the admin is already signed in, the old challenge phrase is not necessary for user validation. Not applicable to MSSL and subscriber services.
- VICE2 API updates – Generate and pick up a new admin ID with a CSR; filter reports by common name or email address; update certificate subscriber information including custom fields.
- Account and certificate notifications now from digicert.com – Account and certificate lifecycle notifications (CWS and MSSL) and discovery and automation notifications (CWS) now have a From address from digicert.com instead of symantec.com. Check your spam filters or whitelists to make sure you continue to get critical CWS and MSSL notifications.
- EV green address bar for SHA-256 full chain certs restored in Chrome 66 – Latest stable release of Google Chrome fixes a bug that prevented the green address bar from displaying on sites with Extended Validation (EV) certs signed with SHA-256 full chain (SHA-256 signing on certificate, intermediate(s), and root).
- Complete Website Security - Sensor installation and certificate discovery support for Red Hat Enterprise Linux 7.4 and Microsoft Windows Server 2016.
- Complete Website Security – Agent installation and certificate automation support for Red Hat Enterprise Linux 7.4.
- API developer documentation – The Website Security Developer Portal has moved to DigiCert at https://docs.digicert.com/api-developer-portal/. The developer portal on symantec.com will redirect to DigiCert for a limited time, so update your bookmarks soon.
What’s coming up?
Complete Website Security 4.6 and Managed PKI for SSL (expected May 31, 2018)
- Update certificate custom fields – In the CWS console, keep additional cert info up-to-date after initial enrollment. Under Additional information in the detailed cert view, edit any custom field. Already available in Managed PKI for SSL.
- Identify vulnerabilities per page scanned – Vulnerability assessment report will include specific points of weakness per page, instead of only a summary of vulnerabilities found on the website. The report will also include step-by-step attack proof-of-concept and recommended solutions for discovered vulnerabilities.
- Minimize network traffic from vulnerability and malware scans – Vulnerability assessment will run a complete scan once a month. Malware services will check your domain against a trusted blacklist of malicious websites, instead of scanning your domain every day.
- CWS console help – The CWS help portal is moving to https://docs.digicert.com/cws/ and console links to the portal will be updated. Visit the help portal for getting started, tutorials, general console usage, and support contact info.