ARCHIVED: Completed project: InCommon Certificate Service

This content has been archived, and is no longer maintained by Indiana University. Information here may no longer be accurate, and links may no longer be available or reliable.

Primary UITS contact: Nate Johnson

Completed: January 31, 2012

Description: The University Information Security Office (UISO) has partnered with the InCommon Certificate Service to provide unlimited free SSL certificates to Indiana University units. This certificate service replaces the IU Certificate Authority (IUCA), and is available to all IU campuses.

Outcome: Under the arrangement, all certificates are free to IU units, for all levels of service. For IUCA customers, the most noticeable change is an end to the distinction between test and production certificates (in the past the IUCA has issued test certificates for free, and you've had to cover the cost of production Thawte certificates). Also, with Comodo as back-end vendor for the InCommon Certificate Service, the certificates will work in all mainstream operating systems, web browsers, and email clients.

The InCommon Certificate Service makes the following products available:

  • Standard SSL/TLS Server certificates
  • Multi-Domain certificates, supporting up to 100 Subject Alternative Names, or SAN
  • Wildcard certificates (some restrictions apply)
  • Code-signing certificates
  • EV (Extended Validation) certificates
  • EV Multi-Domain certificates

Client Certificates, also known as S/MIME Certs or Personal Certs, will soon be available. These certs can be used to sign and/or encrypt email, documents, and other data, plus various other uses. We are seeking users to help test the new offering. If you would like to help test the new Client Certs, email UISO.

Benefits: By providing SSL/TLS certificates at no cost to individual IU units, this project cuts IT operational costs across the board, and encourages the use of certificates signed by a legitimate certificate authority, rather than self-signed certificates that are vulnerable to Man in the Middle (MITM) attacks.

Related information: For more, including a link to request certificates, see SSL/TLS Certificates.

This is document bahg in the Knowledge Base.
Last modified on 2018-01-18 16:30:17.