On April 23rd, we released an updated version of the Certificate Provisioning System (CPS) User Interface focused on security and backend improvements. While the functionality and workflows remain unchanged, this update positions us for smoother development and better long-term security.

This release ensures that ECDSA and RSA key types use the same DigiCert root selection bundle for your trust chains. To tailor your default root selection, you can trigger an early renewal or cancel and replace your certificate. For details on DigiCert root selection options, see Select a trust chain.

On March 6, 2025, Akamai will update the default trust chain for newly issued certificates from the current G1 hierarchy to the G2/G3 hierarchy:

The new DigiCert root selection options provide flexibility when managing your organization-validated (OV) and extended-validated (EV) certificates. To avoid selecting the trust chain for an RSA issuer separately from an ECDSA issuer, pre-set issuer pairs (bundles) are available in the CPS user interface. For more information, see Select a trust chain and Community.”

Updates include:

This release restores the Event Logger system function in the CPS API. The core functionality of the event logger remains the same. There should be no change to the system's behavior, as provided in early 2024 and beyond.

This release addresses a production bug that resulted in an incorrect live domain acknowledgement for renewal certificates that don't support SANs and didn't modify SANs.

When creating a new certificate in the CPS application, context for contracts under all accessible accounts is now available, regardless of which account is currently logged in to Control Center. This enhancement lets you view and maintain enrollments across contracts under related accounts.

The behavior in the CPS around certificate history and certificate activity data is changing as of October 7th, 2024. For enrollments with six certificates or fewer, the response yields up to twelve years of data per certificate. If there are more than six certificates in the enrollment, the response shows a truncated set. To view all changes or certificates, use the includeAll=true query parameter in the request. For more information, see the documentation.

Updates include: