Under this section, add the following profile settings for each DigiCert authority.
Product Identifier
Enter the certificate types, also referred to as "DigiCert products", supported by the profile. List them as a comma-separated string of DigiCert identifiers.
["ssl_cloud_wildcard", "ssl_plus", "ssl_multi_domain"]See the available values at:
https://dev.digicert.com/en/certcentral-apis/services-api/glossary.html#product-identifiers
Mandatory: Yes.
Domain Validation Method
The method to prove control over a domain when requesting an SSL/TLS certificate from a DigiCert CA. Supported values are the following.
Value | Description |
|---|---|
| CNAME DNS record validation |
| HTTP file validation |
| Dynamic HTTP file validation |
| TXT DNS record validation |
Mandatory: When the selected product requires a validation method.
Verified Contact Email for Extended Validation (EV)
The email address of the Verified Contact associated with the organization requesting an EV certificate.
Mandatory: Only for Extended Validation (EV) certificates.
Signature Hash Algorithm
The cryptographic algorithm for generating a hash of the signed data.
Supported values are:
- sha256
- sha384
- sha512
Mandatory: Yes.
Order Validity (years)
The number of years for which each certificate order remains active, allowing certificates to be issued, reissued, or renewed under the same order.
Mandatory: No. This optional value defaults to one year.
Certificate Validity (years)
The number of years for which each certificate is valid and trusted after issuance, as determined by the issuance date and expiration date.
Mandatory: Only applies to multi-year plans. When this optional value is omitted, the CA sets the validity period according to the CAB Forum baseline requirements.