Sectigo Certificate Manager 23.10

Sectigo nos envía los próximos cambios en la versión SCM 23.10:

Sectigo Certificate Manager (SCM) 23.10 will be deployed on October 21th starting at 8:00 UTC. Outage is the normal 6 hours.

Planned Start: October 21, 2023 8:00AM UTC
Expected End: October 21, 2023 2:00PM UTC

Affected Infrastructure

Components: Certificate Issuing Platforms, Certificate Lifecycle Management Platforms
Locations: Public CA, SCM (, SCM (, Private CA


The SCM 23.10 release includes the following enhancements and fixes:

  • Next generation Private Key Agent supporting multiple key storage options (local file, Hashicorp Vault, and Azure Key Vault), simplified download authentication, new download formats and static install packages. (SCM-8137)
  • New API admin type replacing standard admin with "WS API use only" privilege. This allows for easier identification and management of admins for API usage. (SCM-8163)
  • IdP Template admin type has been improved to support multiple templates plus the ability to auto create IdP admins using IdP assertion values such as groups. (SCM-8164)
  • New Sectigo Authentication Service admin type supporting external users without the need for a customer controlled IdP. Sectigo Authentication Service supports username/password + 2FA and industry standard passkeys (WebAuthn). By default, this admin type will not be enabled, please contact Sectigo if required. (SCM-8165)
  • Simplified IdP admin types to no longer require secondary approval. (SCM-8149)
  • Added ability to convert admins between supported types. (SCM-8169)
  • New filtering options for admins. (SCM-8149)
  • New controls over allowed admin types and visible login page options. (SCM-8167)
  • Improved ability to manage the ownership of SSL/Device certificates. The certificates assigned department can be changed along with the requester/approver. (SCM-8171)
  • Deleting an admin now offers the ability to reassign their certificates (they are the requester) to another admin. (SCM-8173)
  • Improved speed of Public SMIME certificate collection. (SCM-8376)
  • Certificate discovered via Network Discovery Scan long ago could not be deleted. (SCM-8433)
  • Email address containing some upper-case letters could not be added to notification recipients. (SCM-8403)
  • SMIME certificates list could not be exported by RAO or DRAO administrators. (SCM-8401)
  • MRAO administrator could not add a MRAO administrator account. (SCM-8384)
  • Regular expression set for external requester did not honor case. (SCM-8368)
  • Administrator’s role could not be updated in some cases. (SCM-8357)
  • Additional domain names added during replacement of a Private SSL certificate were not saved. (SCM-8158)
  • The "Enrollment Successful" notification was sometimes sent twice. (SCM-7692)