Update to the Basic Constraints extension for Organization-validated and Extended-validated certificates

To help provide ideal performance Certificate Provisioning System (CPS) is introducing rate limiting. To ensure these new rate limits don't negatively impact customer performance with CPS, it will be introduced intermittently.
The limits are:

The cross-sign from IdenTrust’s DST Root CA X3 to the Let’s Encrypt ISRG Root X1 certificate will expire in September 2024. To prepare for this expiration, Let’s Encrypt has announced their plans to discontinue use of the cross-sign, and issue all certificates exclusively using their intermediate certificates signed by the ISRG Root X1 certificate.

The Certificate Provisioning System (CPS) application now provides an automatic delay after the manual cancellation of a certificate renewal before starting the next renewal.

The Certificate Provisioning System API Postman collection (beta) is now available! Try the API, build workflows, and stay on top of development changes.

The Certificate Provisioning System (CPS) application now provides users with the ability to control the automatic refresh of the certificates lists on both the "In Progress" and "Active" tabs. For users with a large number of certificates, disabling automatic refresh can be useful when searching for specific certificates or navigating pages.

Akamai now supports both ECDSA and RSA keys for all new and existing third-party certificates provisioned in Certificate Provisioning System (CPS). ECDSA+RSA "dual-stack" capability has been available for Akamai-managed OV and EV certificates since 2017 and is now available for all third-party certificates. This free upgrade is available for Standard TLS and Enhanced TLS hostnames, and is supported in all geographies and regions where Akamai delivers secure traffic. No additional contract line items or entitlements are required.

Secure Provisioning Service (SPS) API is to be decommissioned (turned off) entirely, on January 3, 2023.

The intermediate certificate authority (trust chain) for Akamai-managed OV certificates from DigiCert is changing on March 1, 2022, or later.

We've redesigned the documentation experience for Certificate Provisioning System to make it easier for you to find the guides, API docs, and resources you need. Everything is now in one place. Visit the Welcome page for a toolkit of Certificate Provisioning System resources.