...
- Users: From here administrators can create new users and manage the already existing ones. The new users will receive an email from DigiCert with the link to the page where to set their own password and data.
Notice that all administrators can approve or reject certificate requests. User accounts can only submit requests. Under Validation you will find how to enable a user for Extended Validation SSL certificates.If a user should be allowed to treat Extended Validation SSL certificates make sure that both the the fields Phone (phone number) and Title (function name) are correctly filled.
The regular procedure to validate such a user for EV includes a phone call from DigiCert. This call goes to the formal number of the Institution (usually to HR) and it will be asked whether there is indeed employee with that name that works under that Title. Make sure that the function name you provide is the correct one.
Suggestions: Give to somebody an administrator account only if it is a trusted expert. Give to as few people as possible EV admin rights. Make sure that the click-through 'TCS Terms of Use' has been thoroughly read by everybody.
Notice that the indication of an EV Administrator is done from the Validation menu:
Validation → Organizations → Manage → Submit for Validation.
We strongly recommend to not make use of
Guest URLs that anyone can use to issue certificates. Any form of check is completely by passed when using Guest URLs.
API keys unless you want to write your own interface.
Under Authentication Settings you can enable the two factors of authentication for login (2FA). Both client certificates and One Time Passwords (OTP) are available. Refer to the DigiCert Two-Factor Authentication section in the user guide in the document section (Documents section in this wiki) for more info.