- Contact Us
-
choose your language
Knowledge Base
DigiCert Log4J Response
Description
DigiCert is aware of the zero-day exploit affecting the Apache Log4j utility. We continue to analyze the vulnerabilities related to Apache Log4j disclosed on December 9, 2021. At this time, we are not aware of any impact to our services and all services continue to operate as expected.
To keep your DigiCert services secure, our dedicated team of security professionals continues to monitor the overall impact of the Log4j remote-code execution vulnerabilities (CVE-2021-45046, CVE-2021-44228, CVE-2021-45105, and CVE-2021-44832). We will provide new information as it becomes available.
Services status
CertCentral
| Services | Impacted/Not affected | Patch Status | Notes |
|---|---|---|---|
| CertCentral API | Not affected |
Not applicable |
|
| CertCentral console | Not affected |
Not applicable |
|
| Automation: DigiCert Automation Agent | Not affected |
Not applicable |
|
| Discovery and Automation: On-premises sensor | Impacted |
Patched to Apache Log4j 2.16.0 on December 15, 2021 |
|
| Discovery and Automation: CertCentral public scan | Not affected |
Not applicable |
|
| Discovery and Automation: CertCentral-Discovery as a Service | Not affected |
Not applicable |
|
| ACME | Not affected |
Not applicable |
DigiCert Site Seal
| Services | Impacted/Not affected | Patch Status | Notes |
|---|---|---|---|
| Site Seal | Not affected |
Not applicable |
Certificate Issuing Service (CIS)
| Services | Impacted/Not affected | Patch Status | Notes |
|---|---|---|---|
| CIS | Impacted |
Patched to Apache Log4j 2.15.0 on December 10, 2021 Patched to Apache Log4j 2.16.0 on December 14, 2021 Patched to Apache Log4j 2.17.0 on December 20, 2021 |
Code Signing Timestamp Service
| Services | Impacted/Not affected | Patch Status | Notes |
|---|---|---|---|
| Code Signing Timestamp Service | Not affected |
Not applicable |
Online Certificate Status Protocol (OCSP)
| Services | Impacted/Not affected | Patch Status | Notes |
|---|---|---|---|
| OCSP | Not affected |
Not applicable |
Certificate Revocation List (CRL)
| Services | Impacted/Not affected | Patch Status | Notes |
|---|---|---|---|
| CRL | Not affected |
Not applicable |
digicert.com
| Services | Impacted/Not affected | Patch Status | Notes |
|---|---|---|---|
| Website | Not affected |
Not applicable |
Managed PKI (User Authentication)
| Services | Impacted/Not affected | Patch Status | Notes |
|---|---|---|---|
| PKI Platform 8 | Not affected |
Not applicable |
|
PKI Platform 8: Enterprise Gateway |
Not affected |
Not applicable |
|
PKI Platform 8: Auto Enrollment Server |
Not affected |
Not applicable |
|
PKI Platform 8: Local Key Management Server (LKMS) |
Not affected SeeNotes. |
Not applicable |
However, the LKMS package does ship with Log4j v2.8.2, but it is NOT used by the LKMS server code. If you want to remove this, see our knowledgebase article |
PKI Platform 8: PKI Client |
Not affected |
Not applicable |
|
PKI Platform 8: InTune Import Tool |
Not affected |
Not applicable |
|
PKI Platform 8: Enrollment over Secure Transport (EST) Client |
Not affected |
Not applicable |
|
PKI Platform 8: Simple Certificate Enrollment Protocol (SCEP) Client |
Not affected |
Not applicable |
|
PKI Platform 8: DigiCert Desktop Client |
Not affected SeeNotes. |
Not applicable |
DigiCert Desktop Client is not affected. However, make sure you are running one of the two latest releases: 3.3.0 or 3.2.1. The new version can be downloaded here: DigiCert Desktop Client |
PKI Platform 8: Bulk Export Tool |
Not affected |
Not applicable |
|
PKI Platform 8: Enrollment over Secure Transport (EST) Proxy Server |
Not affected |
Not applicable |
|
PKI Platform 8: Simple Certificate Enrollment Protocol (SCEP) Proxy Server |
Not affected |
Not applicable |
|
PKI Platform 7 |
Not affected |
Not applicable |
|
PKI Platform 7 (Japan) |
Not affected |
Not applicable |
|
CI Plus Platform |
Impacted |
Patched to Apache Log4j 2.16.0 on December 15, 2021 Patched to Apache Log4j 2.17.0 on December 21, 2021 |
|
Online Certificate Status Protocol (OCSP) |
Not affected |
Not applicable |
|
Certificate Revocation List (CRL) |
Not affected |
Not applicable |
Direct Cert Portal
| Services | Impacted/Not affected | Patch Status | Notes |
|---|---|---|---|
| Direct Cert Portal API | Not affected |
Not applicable |
|
| Direct Cert Portal Console | Not affected |
Not applicable |
DigiCert ONE
| Services | Impacted/Not affected | Patch Status | Notes |
|---|---|---|---|
| Account Manager | Not affected |
Not applicable |
|
| CA Manager | Not affected |
Not applicable |
|
| DigiCert® Trust Lifecycle Manager | Not affected |
Not applicable |
|
| DigiCert® IoT Trust Manager | Not affected |
Not applicable |
|
| DigiCert® Software Trust Manager | Not affected |
Not applicable |
|
| DigiCert® Document Trust Manager | Not affected |
Not applicable |
|
| Automation Manager | Not affected |
Not applicable |
|
| Automation Manager, on-premises sensor | Impacted |
Patched to Apache Log4j 2.16.0 on December 15, 2021 Patched to Apache Log4j 2.17.0 on December 20, 2021 |
DigiCert ONE Japan
| Services | Impacted/Not affected | Patch Status | Notes |
|---|---|---|---|
| Account Manager | Not affected |
Not applicable |
|
| CA | Not affected |
Not applicable |
|
| Enterprise PKI Manager | Not affected |
Not applicable |
|
| IoT Device Manager | Not affected |
Not applicable |
|
| Secure Software Manager | Not affected |
Not applicable |
|
| Document Signing Manager | Not affected |
Not applicable |
Enterprise
Services |
Impacted/Not affected |
Patch Status |
Notes |
|---|---|---|---|
API VICE2 |
Not affected |
Not applicable |
DigiCert Gatekeeper Service
| Services | Impacted/Not affected | Patch Status | Notes |
|---|---|---|---|
| GateKeeper | Not affected |
Not applicable |
QuoVadis
| Services | Impacted/Not affected | Patch status | Notes |
|---|---|---|---|
| DSS-Engine Production | Not affected |
Not applicable |
|
| DSS-Engine Staging | Not affected |
Not applicable |
|
| Trust/Link | Not affected |
Not applicable |
|
| SealSign Cloud Production | Not affected |
Not applicable |
|
| SealSign Cloud Staging | Not affected |
Not applicable |
|
| QVSS (QuoVadis Signing Service) | Not affected |
Not applicable |
|
| QuoVadis Qualified Timestamps | Not affected |
Not applicable |
|
| QuoVadis website Netherlands | Not affected |
Not applicable |
|
| QuoVadis NOVA System | Not affected |
Not applicable |
|
| TL/C Demo | Not affected |
Not applicable |
|
| TL/C Prod | Not affected |
Not applicable |
|
| PERSS | Not affected |
Not applicable |
|
| SixTerravis | Not affected |
Not applicable |
|
| Primosign | Not affected |
Not applicable |
|
| QuoVadis IDP | Not affected |
Not applicable |
If you discover your systems are affected by log4j, DigiCert recommends that you create new keys, request replacement certificates, and revoke any impacted certificates from the compromised systems.
For further questions, contact DigiCert Support.
-
The most-trusted global provider of high-assurance TLS/SSL, PKI, IoT and signing solutions.
-
-
© 2022-2024, DigiCert, Inc. All rights reserved.
Cookie Settings
