Live on July 31, 2018!
- Replace distrusted certificates in bulk - For accounts that have more than a few certificates at risk of browser distrust, admins can quickly replace multiple certificates in batches. Applies to Managed PKI for SSL only.
- New organizational unit validation - DigiCert implemented a new organizational unit (OU) verification process for checking the OU included in your certificate requests. See "Important dates and activities" above.
Complete Website Security 4.6 and Managed PKI for SSL (released May 31, 2018)
- Update certificate custom fields – In the CWS console, keep additional cert info up-to-date after initial enrollment. Under Additional information in the detailed cert view, edit any custom field. Already available in Managed PKI for SSL.
- Identify vulnerabilities per page scanned – Vulnerability assessment report includes specific points of weakness per page, instead of only a summary of vulnerabilities found on the website. The report also includes step-by-step attack proof-of-concept and recommended solutions for discovered vulnerabilities.
- Minimize network traffic from vulnerability and malware scans – Vulnerability assessment runs a complete scan once a month. Malware services checks your domain against a trusted blacklist of malicious websites, instead of scanning your domain every day.
- CWS console help – The CWS help portal has moved to https://docs.digicert.com/cws/ and console links direct to the new portal. Visit the help portal for getting started, tutorials, general console usage, and support contact info.
- General Data Protection Regulation (GDPR) and your certificates – The European Union’s General Data Protection Regulation (GDPR), in effect as of May 25, 2018, introduces policies that may prevent us from getting the proper domain contact email from your registrars. Your domain contact is a primary method to prove domain ownership for certificate requests and domain approvals. To learn more and make sure you continue to get your certificates promptly, visit our Note on WHOIS, GDPR and Domain Validation. GDPR has no impact on valid certificates and domains.
- EV green address bar for SHA-256 full chain certs restored in Chrome 66 – Latest stable release of Google Chrome fixes a bug that prevented the green address bar from displaying on sites with Extended Validation (EV) certs signed with SHA-256 full chain (SHA-256 signing on certificate, intermediate(s), and root).
- Complete Website Security - Sensor installation and certificate discovery support for Red Hat Enterprise Linux 7.4 and Microsoft Windows Server 2016.
- Complete Website Security – Agent installation and certificate automation support for Red Hat Enterprise Linux 7.4.
- API developer documentation – The Website Security Developer Portal has moved to DigiCert at https://docs.digicert.com/api-developer-portal/. The developer portal on symantec.com will redirect to DigiCert for a limited time, so update your bookmarks soon.
What’s coming up?
Coming November 15
- Organization and domain consolidation – As we complete our transition into DigiCert, we’re consolidating organization and domain authentication processes for all certificate types, which will simplify organization and domain statuses in your consoles. For details on how this improves your visibility into your organization and domain statuses, visit this knowledge base article.
- Language support for DCV emails – When you resend DCV (Domain Control Validation) emails to confirm proper domain ownership, you’ll be able to select the appropriate language for the domain owners.
- OU validation enhancement – New organization validation requests with unverified organizational units (OU) are typically delayed for manual validation. Previously these organization requests were categorized as “pending”. For greater clarity on status, these orders will show a status of “pending OU validation”.
- Common name in certificate email subject lines – Easily identify the relevant certificate common name (domain) in emails regarding order status and issuance.