Jul 9, 2024 – CPS live domain acknowledgment changes

Updates include:

Jun 6, 2024 – DV SAN and Default DV trust chain changes

The cross-sign from IdenTrust’s DST Root CA X3 to the Let’s Encrypt ISRG Root X1 certificate will expire in September 2024. To prepare for this expiration, Let’s Encrypt has announced their plans to discontinue use of the cross-sign, and issue all certificates exclusively using their intermediate certificates signed by the ISRG Root X1 certificate. At the same time, Let’s Encrypt will be introducing new intermediate certificates for both ECDSA and RSA issuance.

May 3, 2024 – New CPS API endpoint for all active certificates

This endpoint can be used to monitor your active certificates. With the List active certificates operation, you can view all active certificates on your contract. The request's response object rolls up all of your active certificate's enrollments into a single response. New enrollments, with no active certificates, display null or empty fields as appropriate.

Mar 28, 2024 – Federal Information Processing Standards (FIPS 140-2) for CPS certificates

The CPS user interface and API now give you the option to enable delivery of your client-to-edge traffic using FedRAMP and FIPS-140-2 compliant cryptographic functions. When you enable FIPS mode for your certificates, the Akamai network will present only the FIPS 140-2 validated ciphers within the selected cipher profile to connecting clients. Public and private key pair generation in CPS , after March 1, 2024, always uses FIPS 140-2 validated functions.

Feb 8, 2024 – DV SAN and Default DV trust chain changes

The cross-sign from IdenTrust’s DST Root CA X3 to the Let’s Encrypt ISRG Root X1 certificate will expire in September 2024. To prepare for this expiration, Let’s Encrypt has announced their plans to discontinue use of the cross-sign, and issue all certificates exclusively using their intermediate certificates signed by the ISRG Root X1 certificate.

Oct 17, 2023 — DigiCert site seal replaces Norton site seal

On Oct 17, 2023 DigiCert will automatically replace the Norton site seal image with the DigiCert site seal image wherever it appears on websites with Akamai-managed Organization-validated (OV) or Extended-validated (EV) certificates. This change is automatic and no action is required.

Sep 5, 2023 — Basic Constraints extension for Organization-validated and Extended-validated certificates

Update to the Basic Constraints extension for Organization-validated and Extended-validated certificates

Nov 7, 2023 — CPS API Rate Limiting

To help provide ideal performance, the Certificate Provisioning System (CPS) API is now subject to request rate limiting. The API returns a response with an HTTP status code of 429 if these rate limits are exceeded. See Rate limiting for more information.

April 11, 2023 — Introducing rate limiting

To help provide ideal performance Certificate Provisioning System (CPS) is introducing rate limiting. To ensure these new rate limits don't negatively impact customer performance with CPS, it will be introduced intermittently.
The limits are:

Feb 1, 2023 — Automatic delay for certificate renewal

The Certificate Provisioning System (CPS) application now provides an automatic delay after the manual cancellation of a certificate renewal before starting the next renewal.