Active Incident

Updated a few seconds ago

Service Disruption – SCM Prime & SCM HardOperational

Incident Status

Operational

Components

Certificate Issuing Platforms, Certificate Lifecycle Management Platforms

Locations

Public CA, SCM (cert-manager.com), SCM (hard.cert-manager.com), Private CA


April 7, 2026 5:01PM UTC
MONITORING

The issue impacting Sectigo Certificate Manager (SCM) in both Prime and Hard environments has been resolved. Service access has been restored, and certificate management and enrollment operations, including SCEP-based enrollments, are functioning normally. Our teams are continuing to monitor the environment closely to ensure ongoing stability. We will provide a final update once monitoring is complete.

April 7, 2026 4:54PM UTC
INVESTIGATING

Sectigo is reporting a service disruption affecting Sectigo Certificate Manager (SCM) in both Prime and Hard environments. Customers may experience intermittent issues with certificate enrollment services, including SCEP-based enrollments. This may result in enrollment failures or delays for automated device and client certificate requests. Our engineering teams are actively investigating the issue and working toward resolution. Further updates will be provided as information becomes available.

Certificate Issuing Platforms

Operational

Certificate Lifecycle Management Platforms

Operational

Certificate Revocation Platforms

Operational

Certificate Transparency

Operational

Websites

Operational

Client Areas

Operational

Time Stamping

Operational

Scheduled Maintenance

Sectigo Certificate Manager (SCM) 26.3 Release is scheduled for Saturday April 11thPlanned Maintenance

Schedule

April 11, 2026 9:00AM - 11:00AM UTC

Components

Certificate Lifecycle Management Platforms

Locations

SCM (eu.cert-manager.com)

Description

The SCM 26.3 release includes the following enhancements and fixes: - SCM now supports creating a Private PQC CA and ordering PQC ready SSL certificates. These certificates are for testing purposes. (SCM-13582) - The approver and requester can now be included in notifications for device certificates. (SCM-13336/SCM-12916) - New REST API resource for retrieving usage details. (SCM-13745) - SSL certificate deletion events are now audited. (SCM-13469) - When using DNS Connector, the type of DNS record created is now TXT instead of CNAME. (SCM-13600) - Usage page redesigned to better show what flex package covered an individual products usage. (SCM-13724) - Updated to using Azure Key Vault API version 2026-02-01 since all previous versions will be retired in early 2027. (SCM-13595) - Admins can now validate their emails in SCM. No features require a validated email. (SCM-13757) - After deletion of a term from a certificate profile, not all endpoint accounts would be updated if they were configured with that term. (SCM-13969) - In some circumstances a new OV prevalidation being completed might not be correctly enabled for public ACME orders. (SCM-13360) - Deleting a domain may not remove it from the public ACME account allowing issuance of new certificates to continue with that domain. (SCM-11477)
Sectigo Certificate Manager (SCM) 26.3 Release is scheduled for Saturday April 11thPlanned Maintenance

Schedule

April 11, 2026 10:00AM - 11:59AM UTC

Components

Certificate Lifecycle Management Platforms

Locations

SCM (hard.cert-manager.com)

Description

The SCM 26.3 release includes the following enhancements and fixes: - SCM now supports creating a Private PQC CA and ordering PQC ready SSL certificates. These certificates are for testing purposes. (SCM-13582) - The approver and requester can now be included in notifications for device certificates. (SCM-13336/SCM-12916) - New REST API resource for retrieving usage details. (SCM-13745) - SSL certificate deletion events are now audited. (SCM-13469) - When using DNS Connector, the type of DNS record created is now TXT instead of CNAME. (SCM-13600) - Usage page redesigned to better show what flex package covered an individual products usage. (SCM-13724) - Updated to using Azure Key Vault API version 2026-02-01 since all previous versions will be retired in early 2027. (SCM-13595) - Admins can now validate their emails in SCM. No features require a validated email. (SCM-13757) - After deletion of a term from a certificate profile, not all endpoint accounts would be updated if they were configured with that term. (SCM-13969) - In some circumstances a new OV prevalidation being completed might not be correctly enabled for public ACME orders. (SCM-13360) - Deleting a domain may not remove it from the public ACME account allowing issuance of new certificates to continue with that domain. (SCM-11477)
Scheduled Private CA & IoTMgr Maintenance Saturday April 11thPlanned Maintenance

Schedule

April 11, 2026 11:00AM - 1:00PM UTC

Components

Certificate Issuing Platforms, Certificate Lifecycle Management Platforms, Client Areas

Locations

IoT Manager, Private CA, Sectigo Authentication Service

Description

During the scheduled upgrade for the Sectigo Certificate Manager (SCM) 26.1 Release, we will be performing maintenance on various services related to Private CA and expect some downtime within this time frame.
Sectigo Certificate Manager (SCM) 26.1 Release is scheduled for Saturday April 11thPlanned Maintenance

Schedule

April 11, 2026 11:00AM - 1:00PM UTC

Components

Certificate Lifecycle Management Platforms

Locations

SCM (cert-manager.com)

Description

The SCM 26.3 release includes the following enhancements and fixes: - SCM now supports creating a Private PQC CA and ordering PQC ready SSL certificates. These certificates are for testing purposes. (SCM-13582) - The approver and requester can now be included in notifications for device certificates. (SCM-13336/SCM-12916) - New REST API resource for retrieving usage details. (SCM-13745) - SSL certificate deletion events are now audited. (SCM-13469) - When using DNS Connector, the type of DNS record created is now TXT instead of CNAME. (SCM-13600) - Usage page redesigned to better show what flex package covered an individual products usage. (SCM-13724) - Updated to using Azure Key Vault API version 2026-02-01 since all previous versions will be retired in early 2027. (SCM-13595) - Admins can now validate their emails in SCM. No features require a validated email. (SCM-13757) - After deletion of a term from a certificate profile, not all endpoint accounts would be updated if they were configured with that term. (SCM-13969) - In some circumstances a new OV prevalidation being completed might not be correctly enabled for public ACME orders. (SCM-13360) - Deleting a domain may not remove it from the public ACME account allowing issuance of new certificates to continue with that domain. (SCM-11477)