DigiCert, Inc. is a US-based technology company focused on digital security and headquartered in Lehi, Utah with international offices in Australia, Ireland, Japan, India, South Africa, Switzerland and United Kingdom. As a certificate authority and trusted third party, DigiCert provides the public key infrastructure and validation required for issuing digital certificates or TLS/SSL certificates. These certificates are used to verify and authenticate the identities of organizations and domains and to protect the privacy and data integrity of users’ digital interactions with web browsers, email clients, documents, software programs, apps, networks and connected IoT devices. The company's products and services also include private and managed PKI deployments, the DigiCert CertCentral certificate management platform, the DigiCert PKI Platform and full customer support. In 2019, the company announced a new R&D division called DigiCert Labs, "... an initiative dedicated to researching and developing innovative approaches to security challenges." DigiCert Labs will collaborate with other enterprise labs – including Microsoft Research, Utimaco, ISARA and Gemalto – and make grants to universities for the study of topics related to authentication, data integrity, encryption and identity. Initial research projects will focus on post-quantum cryptography and machine learning. DigiCert is a member of the CA/Browser Forum, an industry consortium that creates guidelines and standards for participating certificate authorities and web browsers. Dean Coclin, Sr. Director of Business Development at DigiCert, will serve as Vice-Chairperson of the CA/Browser Forum from Nov. 1, 2018 until Oct. 31, 2020. On August 28, 2015, in one of the largest investments in a Utah-based company to date, private equity firmThoma Bravo acquired a majority stake in DigiCert, with TA Associates a leading global growth private equity firm, holding a minority share. Thoma Bravo was quoted as saying, "DigiCert represents an outstanding investment opportunity to back a market leader… known for its consistent innovation and first-rate customer service." In 2019, Clearlake Capital Group, L.P., a leading private investment firm, and TA Associates, an existing investor, reached an agreement to make a strategic growth investment in DigiCert. As part of the transaction, Clearlake and TA Associates become equal partners in the company. DigiCert Inc. is of no relation to Digicert Sdn. Bhd, a Malaysian-based certification authority that issues certificates with weak keys and had its trust revoked by web browsers.
History
DigiCert was founded by Ken Bretschneider in 2003. Bretschneider served as CEO and chairman of the board until 2012 when he was appointed Executive chairman and Nicholas Hales became CEO. In 2016, the company named John Merrill CEO. In 2015, DigiCert acquired the CyberTrust Enterprise SSL business from Verizon Enterprise Solutions, becoming the world's second-largest certificate authority for high-assurance or extended validation TLS/SSL certificates. In 2017, DigiCert acquired the TLS/SSL and PKI businesses from the world's largest certificate authority, Symantec, for $950 million. The acquisition resulted from questions first raised in 2015 by web browsers Google and Mozilla about the authenticity of certificates issued by Symantec, which represented one-third of all TLS/SSL certificates on the web. In Sep. 2017, Google and Mozilla announced they would "... reduce, and ultimately remove, trust in Symantec's Root Keys in order to uphold users’ security and privacy when browsing the web." The final distrust deadline for certificates chaining to Symantec roots was set for Oct. 2018. Symantec agreed to transfer its certificate business to its top TLS/SSL competitor, DigiCert, whose roots were trusted by browsers. In Dec. 2017, DigiCert began issuing free replacements for all distrusted certificates from Symantec, GeoTrust, RapidSSL, Thawte and VeriSign. By Oct. 2018, the company had revalidated more than 550,000 organizational identities and issued more than 5 million replacement certificates for affected customers. In 2018, DigiCert acquired QuoVadis, a trust service provider headquartered in Switzerland offering qualified digital certificates, PKI services and PrimoSign electronic signature software. Qualified digital certificates from QuoVadis comply with eIDAS, a set of EU standards for electronic transactions requiring legal proof of authentication. The EU Payment Services Directive mandates that banks and other financial institutions operating in Europe begin using qualified digital certificates by Jun. 2019. According to DigiCert, "... the QuoVadis acquisition aligns with the company's vision of providing globally dispersed and robust PKI-based solutions with local support."