SSL Certificates | University of Oregon: Information Security
Information Security Information Services home

SSL Certificates

About SSL Certificates

  • The Information Security group provides support in obtaining and using SSL certificates as a tool for offering secure services on campus. We have a list of SSL certificate vendors who we commonly use to obtain certificates, and we have processes for obtaining and tracking the use of these certificates on campus. We offer assistance to faculty and staff who are interested in utilizing SSL certificates.
  • SSL Certificates are divided into two types -- Class-1 and Class-2. Class-2 certificates are required when the applicaton necessitates a higher level of security. For example, if you are working with financial data, health information, or any kind data that might be subject to identity theft requirements, then Class-2 certificates are required. Our current provider for these certificates is Thawte/Verisign.
  • We also support the use of Class-1 certificates in cases where the application security requirements are less stringent. The advantage to these certificates is that they cost significantly less than Class-2 certificates. We have tested certificates from IPSCA and GoDaddy, and they appear to work well in most cases. It is still the case however that we will only honor requests from faculty and staff, and we will continue to verify all SSL certificate requests, regardless of the vendor or the class type.
  • For additional questions about these and other types of certificates, please visit our SSL Certificate FAQ, or contact the Security Group at 346-5837, or e-mail to: certificates@ithelp.uoregon.edu

.

How to Obtain a Signed SSL Certificate

  • First: Send an e-mail to certificates@ithelp.uoregon.edu to inform the security group that a certificate request will be coming, and include the following information:

    Your Name:
    Server Name:
    Server Purpose:
    Contact Name:
    Contact E-mail:
    Contact Phone:

  • Second: For Class-1 certificates, visit your CA of choice and go through the process that the CA you choose requires to obtain a certificate. For Class-2 certificates, contact the Security Group at 346-5837.

Reccomended Certificate Authorities (CA's)

  • ipsCA is CA based out of Spain that offers free Class-1 certificate signing for .edu domains.
    http://certs.ipsca.com/
  • GoDaddy is a US based certificate authority that offers inexpensive Class-1 and Class-2 certificate signing for up to ten years.
    http://www.godaddy.com/
  • Thawte/Verisign: If you wish to request a Thawte/Verisign Class-2 certificate, please send an e-mail to certificates@ithelp.uoregon.edu with the information noted above.

    Please note: If you are testing a service that requires SSL or TLS, prior to final production deployment, you may consider using a self-signed certificate during that phase.

Posted October 8th, 2007