Starting October 19, 2022, DigiCert will require organizations on Code Signing (CS) and EV Code Signing (EV CS) certificate orders to have a verified contact.
DigiCert has always required a verified contact from the organization to approve code signing certificate orders before we issue the certificate. Today, DigiCert can add a verified contact to an organization during the validation process. After October 19, verified contacts must be submitted with the organization.
To make the transition easier, when you submit a request to the Order code signing certificate API endpoint, DigiCert will default to adding the authenticated user (the user who owns the API key in the request) as a verified contact for the organization.
DigiCert will apply this default when:
This change affects you if:
To avoid a lapse in service, make sure users in your CertCentral account with active API keys have a phone number and job title. You can update user details in the CertCentral console, or you can use these API endpoints to list API keys and to list and update user details:
Alternately, make sure organizations on CS and EV CS orders have a verified contact:
organization.contactsarray to identify the contacts you want to add. For examples, see Order code signing certificate – CS and EV CS organization validation.