Reference: DNS SANS injection and replacement¶
Certificate Manager - SaaS supports adding (injecting) or overwriting (replacing) DNS SANS entries for user-provided certificate signing requests (CSRs).
The following table outlines the features supported by each Certificate Authority (CA) and includes links to their respective documentation, which you may find useful.
Certificate Authority | Add | Overwrite | Documentation |
---|---|---|---|
Entrust | ✅ | ✅ | link |
DigiCert | ✅ | ✅ | link |
Microsoft ADCS | ✅ | ❌ | |
Certificate Manager - Self-Hosted. | ✅ | ❌ | link |
Zero Touch PKI | ✅ | ✅ | link |
GlobalSign Atlas | ✅ | ✅ | link |
GlobalSign MSSL | ✅ | ✅ | link |
ACME (Let's Encrypt) | ❌ | ❌ | link |
Venafi Connector CA | ❌ | ❌ | link |
Built-in: Certificate Manager - SaaS-generated CSR | ✅ | ✅ | link |
Built-in: User-provided CSR (without private key) | ❌ | ❌ |