DigiCert KnowledgeBase - Technical Support-hero

Knowledge Base

DigiCert Certificate Status IP Addresses

Solution ID : ALERT19
Last Modified : 12/12/2024


This page contains the DigiCert dedicated IP addresses for DigiCert Online Certificate Status Protocol (OCSP), Certificate Revocation List (CRL), and a few other DigiCert services. 

How do these IP addresses affect my digital certificate environment?

DigiCert certificate status IPv4 addresses

DigiCert certificate status IPv6 addresses

DigiCert moving to new dedicated IPv4 addresses for our DigiCert services and removing support for IPv6 addresses

On January 10, 2025, at 08:00 MST (15:00 UTC), DigiCert will move to a new CDN (content delivery network) and assign new dedicated IPv4 addresses to several services to our Online Certificate Status Protocol (OCSP), Certificate Revocation List (CRL), and a few other DigiCert services. We will also remove support for IPv6 addresses at this time.

If your company uses allowlists, update your allowlists to include the new IPv4 addresses by January 10, 2025, to keep your DigiCert services running as they did before the move to the new IPv4 addresses.

To learn more, see our change log entry for January 10, 2025, DigiCert moving to new dedicated IPv4 addresses for our DigiCert services and removing support for IPv6 addresses.

 

How do these IP addresses affect my digital certificate environment?

Do you have DigiCert certificates? Do you use allowlists to control inbound and outbound connectivity to your environment?

Then, check the table below and add the necessary IPv4 addresses to your allowlist. You must allow outbound connectivity to these addresses to verify if a certificate should be trusted.

OCSP and CRL distribution endpoints using any of the following subdomains do not use the IPv4 addresses in the table below:

  • one.digicert.com
  • one.nl.digicert.com
  • one.ch.digicert.com
  • ​one.digicert.co.jp
  • one.oracle.digicert.com.


What are OCSPs and CRLs used for?

Your applications and browsers call one of our OCSP or CRL endpoints to learn the revocation status of a DigiCert certificate, such as a TLS or code signing certificate.

  • If the certificate is not listed in the CRL and the OCSP status is good, you can trust it to protect the website or verify the code it signed.
  • If the certificate has been revoked, you should no longer trust it to protect the website or verify the code it signed.


DigiCert certificate status IPv4 addresses

Most of the IPv4 addresses are for the DigiCert OCSPs and CRLs. However, we have included some additional PKI Platform 8 services in the table.

Service URL IPv4 addresses
CertCentral Global OCSPs
  • ocsp.digicert.com
  • status.thawte.com
  • status.geotrust.com
  • status.rapidssl.com
  • kr.ocsp.digicert.com
  • ocsp.digicert-cn.com
  • ocsp.edge.digicert.com
  • ocsp.omniroot.com
  • ocsp1.digicert.com
  • ocsp2.digicert.com
  • ocspx.digicert.com
  • statusd.digitalcertvalidation.com
  • statuse.digitalcertvalidation.com
  • statusf.digitalcertvalidation.com
  • statush.digitalcertvalidation.com
  • www.public-trust.com
  • 2.16.38.4/32
  • 2.16.70.4/32
  • 2.17.51.198/32
  • 2.17.190.73/32
  • 2.22.98.7/32
  • 2.23.77.188/32
  • 2.23.115.184/32
  • 23.4.43.62/32
  • 23.5.103.252/32
  • 23.9.199.253/32
  • 23.9.220.6/32
  • 23.10.239.251/32
  • 23.13.145.132/32
  • 23.15.147.118/32
  • 23.15.192.8/32
  • 23.33.158.241/32
  • 23.33.192.6/32
  • 23.35.47.228/32
  • 23.35.56.86/32
  • 23.35.89.14/32
  • 23.36.55.181/32
  • 23.37.240.161/32
  • 23.38.30.153/32
  • 23.38.59.250/32
  • 23.38.128.228/32
  • 23.39.28.44/32
  • 23.39.81.215/32
  • 23.40.158.218/32
  • 23.42.70.18/32
  • 23.42.196.39/32
  • 23.42.243.6/32
  • 23.46.32.10/32
  • 23.46.247.107/32
  • 23.47.110.142/32
  • 23.49.140.110/32
  • 23.50.21.119/32
  • 23.50.108.3/32
  • 23.51.98.7/32
  • 23.52.56.216/32
  • 23.52.159.218/32
  • 23.53.128.229/32
  • 23.53.193.109/32
  • 23.54.109.203/32
  • 23.54.251.198/32
  • 23.55.136.38/32
  • 23.55.219.177/32
  • 23.58.31.18/32
  • 23.58.191.18/32
  • 23.59.113.152/32
  • 23.60.131.209/32
  • 23.63.20.21/32
  • 23.63.118.230/32
  • 23.64.172.197/32
  • 23.65.15.245/32
  • 23.65.143.158/32
  • 23.66.33.52/32
  • 23.67.160.244/32
  • 23.196.96.159/32
  • 23.196.145.221/32
  • 23.196.193.245/32
  • 23.198.74.242/32
  • 23.201.3.207/32
  • 23.202.3.246/32
  • 23.203.176.221/32
  • 23.204.150.28/32
  • 23.207.17.2/32
  • 23.208.236.42/32
  • 23.210.96.161/32
  • 23.210.163.238/32
  • 23.210.252.238/32
  • 23.212.34.247/32
  • 23.217.147.198/32
  • 23.219.19.250/32
  • 23.221.103.220/32
  • 23.222.208.162/32
  • 59.151.128.10/32
  • 72.247.234.254/32
  • 92.123.159.240/32
  • 96.7.5.228/32
  • 96.16.19.56/32
  • 96.16.241.23/32
  • 104.75.232.13/32
  • 104.78.173.167/32
  • 104.81.99.218/32
  • 104.82.114.5/32
  • 104.83.138.254/32
  • 104.94.127.7/32
  • 118.214.79.16/32
  • 118.214.255.18/32
  • 118.215.103.18/32
  • 184.24.0.227/32
  • 184.24.117.245/32
  • 184.24.231.245/32
  • 184.26.192.44/32
  • 184.27.16.5/32
  • 184.28.9.100/32
  • 184.30.131.245/32
  • 184.31.68.248/32
  • 184.31.176.162/32
  • 184.50.179.49/32
  • 184.86.11.11/32
CertCentral Global CRLs
  • crl3.digicert.com
  • crl4.digicert.com
  • cdp.thawte.com
  • cdp.geotrust.com
  • cdp.rapidssl.com
  • cdp1.digicert.com
  • cdp1.public-trust.com
  • cdp2.digicert.com
  • cdph.digitalcertvalidation.com
  • crl.digicert-cn.com­­
  • crl.edge.digicert.com
  • crl.pki.abb.com
  • www.public-trust.com

See CertCentral Global OCSPs

CertCentral Europe OCSPs
  • ocsp.digicert.eu
  • 2.16.38.7/32
  • 2.16.70.7/32
  • 2.17.70.158/32
  • 2.18.150.166/32
  • 2.19.66.9/32
  • 2.21.193.10/32
  • 2.21.208.234/32
  • 23.0.20.23/32
  • 23.1.28.179/32
  • 23.2.89.202/32
  • 23.2.176.169/32
  • 23.4.65.93/32
  • 23.5.108.225/32
  • 23.6.4.162/32
  • 23.6.242.12/32
  • 23.7.1.103/32
  • 23.10.230.8/32
  • 23.11.88.161/32
  • 23.11.113.3/32
  • 23.13.150.247/32
  • 23.14.65.8/32
  • 23.15.158.153/32
  • 23.34.97.102/32
  • 23.35.49.15/32
  • 23.35.90.48/32
  • 23.35.114.102/32
  • 23.35.129.54/32
  • 23.36.235.132/32
  • 23.37.49.55/32
  • 23.37.143.11/32
  • 23.37.245.128/32
  • 23.38.133.196/32
  • 23.39.86.183/32
  • 23.41.197.198/32
  • 23.42.103.206/32
  • 23.42.225.4/32
  • 23.46.122.4/32
  • 23.47.23.54/32
  • 23.47.103.216/32
  • 23.47.226.5/32
  • 23.48.65.10/32
  • 23.49.88.3/32
  • 23.49.147.11/32
  • 23.49.164.42/32
  • 23.50.24.20/32
  • 23.51.32.85/32
  • 23.51.102.235/32
  • 23.53.99.41/32
  • 23.53.133.198/32
  • 23.53.198.166/32
  • 23.57.203.181/32
  • 23.58.32.29/32
  • 23.59.118.103/32
  • 23.63.122.205/32
  • 23.74.16.3/32
  • 23.195.149.98/32
  • 23.196.101.120/32
  • 23.196.150.195/32
  • 23.196.200.216/32
  • 23.197.53.135/32
  • 23.198.54.161/32
  • 23.198.79.210/32
  • 23.202.8.218/32
  • 23.202.212.119/32
  • 23.203.84.121/32
  • 23.203.181.191/32
  • 23.204.164.250/32
  • 23.205.193.20/32
  • 23.207.4.189/32
  • 23.207.22.235/32
  • 23.210.101.126/32
  • 23.212.40.219/32
  • 23.213.144.230/32
  • 23.218.4.218/32
  • 23.218.51.104/32
  • 23.218.180.218/32
  • 23.221.108.189/32
  • 23.221.145.19/32
  • 23.221.200.188/32
  • 23.222.213.127/32
  • 23.223.65.24/32
  • 88.221.240.29/32
  • 92.122.99.16/32
  • 95.100.224.47/32
  • 96.16.242.161/32
  • 96.17.16.33/32
  • 104.68.232.99/32
  • 104.75.224.13/32
  • 104.78.166.137/32
  • 104.81.104.188/32
  • 104.83.150.229/32
  • 104.110.75.145/32
  • 104.111.207.39/32
  • 118.215.73.2/32
  • 184.24.5.196/32
  • 184.24.173.205/32
  • 184.30.194.197/32
  • 184.31.37.229/32
  • 184.31.74.218/32
  • 184.31.181.127/32
  • 184.86.224.40/32
CertCentral Europe CRLs
  • crl.digicert.eu

See CertCentral Europe OCSPs

CertCentral Europe CA certificates
  • cacert.digicert.eu

See CertCentral Europe OCSPs

PKI Platform 8 OCSP
  • See attached csv file - pki-platform-8-ocsp.csv below.
  • 2.16.38.6/32
  • 2.16.70.6/32
  • 2.17.51.68/32
  • 2.17.65.87/32
  • 2.17.189.192/32
  • 2.18.143.11/32
  • 2.18.145.90/32
  • 2.19.77.136/32
  • 2.21.207.4/32
  • 2.22.142.222/32
  • 2.23.79.3/32
  • 2.23.115.54/32
  • 23.1.63.7/32
  • 23.4.191.137/32
  • 23.9.199.134/32
  • 23.9.217.92/32
  • 23.10.239.131/32
  • 23.13.144.239/32
  • 23.15.22.145/32
  • 23.15.111.5/32
  • 23.35.47.109/32
  • 23.35.54.216/32
  • 23.36.55.51/32
  • 23.37.240.38/32
  • 23.38.59.130/32
  • 23.38.128.111/32
  • 23.39.27.167/32
  • 23.39.81.96/32
  • 23.40.158.98/32
  • 23.41.71.26/32
  • 23.42.76.126/32
  • 23.42.98.116/32
  • 23.42.195.162/32
  • 23.42.241.135/32
  • 23.46.246.229/32
  • 23.47.103.239/32
  • 23.49.95.178/32
  • 23.49.131.209/32
  • 23.50.19.15/32
  • 23.52.56.90/32
  • 23.52.159.98/32
  • 23.53.77.91/32
  • 23.53.128.110/32
  • 23.53.192.230/32
  • 23.54.12.97/32
  • 23.54.251.67/32
  • 23.55.119.160/32
  • 23.55.219.46/32
  • 23.58.46.114/32
  • 23.60.127.21/32
  • 23.61.175.4/32
  • 23.63.113.242/32
  • 23.63.150.120/32
  • 23.64.7.47/32
  • 23.64.255.4/32
  • 23.65.143.35/32
  • 23.65.200.106/32
  • 23.66.32.218/32
  • 23.67.160.127/32
  • 23.196.96.36/32
  • 23.196.145.101/32
  • 23.198.49.90/32
  • 23.198.106.123/32
  • 23.201.3.76/32
  • 23.203.176.101/32
  • 23.204.100.149/32
  • 23.208.235.165/32
  • 23.210.96.39/32
  • 23.217.147.68/32
  • 23.219.19.133/32
  • 23.221.103.101/32
  • 23.222.208.39/32
  • 69.192.127.4/32
  • 72.247.234.134/32
  • 92.123.159.110/32
  • 92.123.167.14/32
  • 92.123.207.5/32
  • 92.123.255.3/32
  • 95.100.31.4/32
  • 96.7.5.110/32
  • 96.16.18.184/32
  • 96.16.240.128/32
  • 96.17.31.4/32
  • 96.17.47.5/32
  • 104.78.173.45/32
  • 104.81.99.98/32
  • 104.83.76.107/32
  • 104.83.138.135/32
  • 104.120.228.205/32
  • 118.214.79.6/32
  • 118.214.111.5/32
  • 118.215.127.4/32
  • 184.24.0.110/32
  • 184.24.168.116/32
  • 184.24.231.128/32
  • 184.30.131.114/32
  • 184.31.32.154/32
  • 184.31.68.129/32
  • 184.31.176.39/32
  • 184.50.191.4/32
  • 184.84.47.6/32
PKI Platform 8 CRL/CA certificates
  • See the attached csv file – pki-platform-8-crl-ca-cert-urls.csv below.

See CertCentral Global OCSPs

PKI client downloads
  • pkiclient-updater.digicert.com
  • pki-downloads.digicert.com

See CertCentral Global OCSPs

QuoVadis TrustLink OCSP
  • ocsp.quovadisglobal.com
  • 2.16.38.5/32
  • 2.16.70.5/32
  • 2.17.59.128/32
  • 2.17.184.20/32
  • 2.18.221.8/32
  • 2.23.109.198/32
  • 2.23.124.127/32
  • 23.0.20.6/32
  • 23.4.34.231/32
  • 23.6.243.4/32
  • 23.9.16.5/32
  • 23.9.202.9/32
  • 23.10.227.6/32
  • 23.32.210.62/32
  • 23.33.38.46/32
  • 23.35.180.55/32
  • 23.36.124.133/32
  • 23.37.132.12/32
  • 23.39.100.133/32
  • 23.39.105.134/32
  • 23.40.163.133/32
  • 23.41.174.56/32
  • 23.42.24.7/32
  • 23.43.145.5/32
  • 23.45.157.124/32
  • 23.47.10.6/32
  • 23.48.81.207/32
  • 23.49.109.6/32
  • 23.49.144.4/32
  • 23.50.24.8/32
  • 23.52.7.55/32
  • 23.52.196.134/32
  • 23.53.67.130/32
  • 23.53.72.130/32
  • 23.53.254.55/32
  • 23.54.2.7/32
  • 23.54.36.135/32
  • 23.54.110.212/32
  • 23.55.197.196/32
  • 23.56.217.201/32
  • 23.58.203.6/32
  • 23.59.99.55/32
  • 23.59.108.31/32
  • 23.60.147.178/32
  • 23.61.125.6/32
  • 23.62.232.5/32
  • 23.63.182.8/32
  • 23.64.254.6/32
  • 23.65.192.9/32
  • 23.66.32.10/32
  • 23.194.27.55/32
  • 23.196.140.130/32
  • 23.196.252.135/32
  • 23.197.119.140/32
  • 23.198.44.128/32
  • 23.198.167.10/32
  • 23.201.12.135/32
  • 23.201.207.137/32
  • 23.203.68.52/32
  • 23.203.76.63/32
  • 23.206.26.31/32
  • 23.206.75.137/32
  • 23.208.124.6/32
  • 23.209.228.58/32
  • 23.209.252.135/32
  • 23.217.44.135/32
  • 23.218.67.52/32
  • 23.220.228.6/32
  • 23.220.236.135/32
  • 23.221.98.140/32
  • 23.222.140.135/32
  • 23.222.173.8/32
  • 23.223.65.6/32
  • 59.151.131.238/32
  • 88.221.241.4/32
  • 92.122.9.217/32
  • 95.100.16.7/32
  • 95.101.177.251/32
  • 104.68.245.5/32
  • 104.77.20.5/32
  • 104.78.167.71/32
  • 104.81.11.98/32
  • 104.81.129.134/32
  • 104.83.69.8/32
  • 104.83.132.145/32
  • 104.86.83.102/32
  • 104.98.201.209/32
  • 104.103.145.110/32
  • 104.119.243.123/32
  • 118.214.138.6/32
  • 173.223.29.194/32
  • 173.223.145.217/32
  • 184.25.64.7/32
  • 184.28.133.145/32
  • 184.29.123.156/32
  • 184.30.4.6/32
  • 184.30.139.133/32
  • 184.51.37.103/32
  • 184.84.189.206/32
  • 184.86.169.117/32
  • 184.87.198.12/32
*DigiCert ONE: If your Trust Lifecycle, Software Trust, or Document Trust Manager (USA, CH, NL, JP) uses public certificates from CertCentral Global, CertCentral Europe, or PKI Platform 8, you may want to add these IPv4 addresses to your allowlist.

 

DigiCert certificate status IPv6 addresses

On January 10, 2025, we are moving to a CDN (content delivery network). Unfortunately, we must remove support for IPv6 addresses.