Knowledge Base

Description

We had planned to change our CRL and OCSP IP addresses for DigiCert PKI Platform 7 and 8 on June 15, 2021 and we asked you to allowlist our new IP addresses. This change has been delayed, and we will not be cutting over to the new IP addresses yet. 

What is the impact?

• If you already made this change, no action is required.
• If you have not already made this change, no action is required yet and we will contact you when we have a new official date for cutover.
• This change affects environments that use DigiCert-hosted CRLs and OCSP services only when using IP addresses instead of DNS for validation services.
• You are not affected when you use your own CRL Distribution Points (local URLs). 

What do I need to do?

For firewalls or access control devices that reference IP addresses instead of domains, you will need to add our current and future CDN IP addresses in your existing allowlist.

DigiCert PKI Platform 7

DigiCert PKI Platform 8

If you use IP allowlisting, add new IP addresses to your allowlist without removing any firewall configurations. 

If you have any queries or concerns, please contact PKI Support.