Last updated: 
4 months 1 week ago
Group Manager

Welcome to the Jisc Certificate Service group.

For an update on the NEW Jisc certificate service please follow the below link.

The New Jisc Certiface Service 

The service offers a number of different X509 SSL certificates, including Extended Validation certificates that give users the highest possible assurance, as well as S/MIME email certificates for digitally signing emails. Jisc has an agreement with the Certificate Authority, QuoVadis who is the provider of the certificates.

The service has been running since 2006 and has issued many thousands of certificates to organisations in UK research and education.

This is a Community group where users can obtain relevant information, receive service updates and provide feedback.

Article

Please see further update from QuoVadis on the OU field Issue:

Retiring the OU field for public TLS/SSL 

QuoVadis will turn off the Organizational Unit (OU) field for all new public TLS/SSL certificates starting on August 31, 2020 at 00:59. This will affect new, reissued, and renewed certificates. Existing certificates with OUs are not affected (and do not require revocation or replacement). 

Article

WE ENCOURAGE CUSTOMERS TO VALIDATE DOMAINS IN ADVANCE TO AVOID POSSIBLE LENGTHY DELAYS IN PROCESSING CERTIFICATE REQUESTS

Q1) What is the change?

From 1 August, new industry regulation states that Certificate Authorities (CAs) must no longer rely on checking a public WHOIS record to validate domain ownership. Instead, customers requesting a certificate must demonstrate a ‘positive interaction’ to show they have control over/ownership of the domain to be used in a certificate.

Article

We're pleased to announce that from today the service can provide end user certificates, which are used for digitally signing and encrypting emails. These are called S/MIME (Secure/Multipurpose Internet Mail Extensions) certificates.

S/MIME are installed on email clients which then enable the end user to send digitally signed emails, giving recipients assurances that the email originated from the sender's account. By signing emails, recipients can also have confidence that the contents of the email has been been altered in transit.

Article

The following certificates can be obtained through the Jisc Certificate Service's web app, found in the App Centre here:

The service provides Extended Validation (EV) server certificates S/MIME end user for digitally signing emails for high, both of which offer users the highest possible assurance. Business/Organisation Validated (OV) and Wildcard (of OV type) certificates are also available.

-----

All certificates issued are SHA-256.

-----

Article

For all FAQs please click on the header link 'Charging FAQs'

Jisc Certificate Service – charging update 24.04.2013 - 10 new points:

1. Why is the date for charging being moved?

Document

To apply for membership of the Jisc Certificate Service, please download, complete and sign the application form. It must be signed by someone with the appropriate level of authority to sign on behalf of your organisation. The completed form can be scanned and emailed (to certificates@jisc.ac.uk), faxed (0300 300 2213) or posted back to Jisc, Lumen House, Library Avenue, Harwell Campus, Didcot, OX11 0SG

Article

Availability of SHA-256 certificates: 14 October 2014
We’re pleased to announce an agreement has been reached between TERENA and Comodo which will enable customers to obtain SHA-256 certificates. This is available with immediate effect and all certificates obtained from the service will be by default SHA-256.

Article

SHA-1 and Google Chrome: 20 November 2014

On 18 November Google released Chrome 39 which will now result in users visiting web services secured with SHA-1 certificates that expire in 2017 being shown a grey padlock with a yellow warning triangle, instead of the usual recognisable green padlock.

Article

Availability of SHA-256 certificates: 14 October 2014
We’re pleased to announce an agreement has been reached between TERENA and Comodo which will enable customers to obtain SHA-256 certificates. This is available with immediate effect and all certificates obtained from the service will be by default SHA-256.

Document

This document is an example of the DCV email that Comodo will send out for any domains, located in the CSR, to be validated before the SSL certificate is issued.

In some cases it may be necessary to provide your IT team with information that is found in the email from Comodo to ensure it does not get caught up in the email SPAM filter.

Prev | Next