Partner Blog 02-15-2018

A New Way to Check for Chrome Distrust & Other Product Updates

Kevin Brown

In the past few days, we made more updates to ’s partner platform and SOAP API. Here’s a recap of what went live (and where).

Change Authentication Type for Pending Reissue Orders

You can now change authentication types for pending reissue orders for DV, OV, and EV certificates, from both the API and the partner portal’s Bulk Reissue Tool. This functionality works for:

  • EMAIL to/from DNS
  • EMAIL to/from FILE
  • DNS to/from FILE
Change the Authentication Type from API

Partners can now reissue orders from the API to support EMAIL, DNS, or FILE authentication types, regardless of the initial order’s authentication type. This applies to all SSL products (DV, OV, and EV) except private CA orders.

Change the Authentication Type from the Bulk Reissue Tool

You can now initiate reissue orders from the Bulk Reissue Tool to support EMAIL, DNS, or FILE authentication types, regardless of the initial order’s authentication type. This applies to all SSL products (DV, OV, and EV) except private CA orders.

Get Status Updates While an Order Is “Pending”

Partners (as well as your customers) can now view intermediate authentication states via the API Response for File and DNS Authentication and via the API and GUI for Organization, Contact, and Domains. This means you can receive status updates even when an order is “pending.”

Support for Full-Chain EV SHA-2

We enabled full-chain support for SHA-2 on EV certificates via our partner portal and API.

Enhancements for SANs

A partner portal bug is fixed, thereby restoring the ability to read the CSR’s SAN values when partners order a new SSL certificate or renew an existing SSL certificate.

For partners who have the “Don’t copy non-www value to the SAN field“ setting enabled, we restored the behavior that was in place before 1 December 2017.

Configure Order Fulfillment Emails at Enterprise Level

Partners now have the option to configure sending order fulfillment emails at an enterprise level during reissuance using the Bulk Reissue Tool.

Enhancements to CSR Validation Checking & Detail Retrieval in Bulk Reissue Tool

We deprecated non-critical CSR validation checks from our Bulk Reissue Tool and increased its ability to save and retrieve processing details when the service is unexpectedly interrupted.

Check Individual Domains for Chrome Distrust

You can use a simple web-based tool to check whether any domain has a GeoTrust, RapidSSL, Symantec, or Thawte certificate and needs action related to upcoming releases of Google Chrome. is publicly available, so partners can offer it to customers who want objective factualization of their certificate’s status. Visit it at .

The upcoming deadline for Chrome 66 distrust is approaching quickly, so we recommend taking action as soon as possible on any affected certificates.

UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories

07-03-2024

What is a CA’s Role in delivering digital trust?

11-11-2024

FIPS 140-3 certification unlocked for TrustCore SDK

10-31-2024

Announcing the GA release of Device Trust Manager