OFFICE OF INFORMATION SECURITY
Information Technology Services SOP for SSL Server and Personal Certificate Requests
The following is the standard operating procedure for SSL Certificate Requests. An SSL Certificate is SSL Certificate is a small data file that digitally binds a cryptographic key to your organization's details, typically:
* UTB/TSC domain name, server name or hostname
* UTB/TSC name and location
* In certain cases UTB/TSC contact details
An organization needs to install the SSL Certificate onto its web server to initiate secure sessions with browsers. All SSL Certificates are issued through UTB/TSC's trusted Certification Authority-Comodo through the Incommon Federation. Incommon creates and supports a common framework for trustworthy shared management of access to on-line resources in support of education and research in the United States.
Step 1 – Completely fill out the Digital Measures SSL Request Form (sop.docx
- All SSL Certficate requests, along with personal identifiable certificate requests must be done through this form.
- The information to be collected includes:
- Common Name (normally URL of server from CSR file)
- Organization (Will all ways be UTB)
- Department (not use at the moment)
- Requester-(Administrator Christopher Cohen-Primary Issuer )
- External Requester (email address of administrator to pick up SSL cert)
- Web Server Environment Software
- All certificates must have keys of 2048 as a minimum for cipher strength.
- Please confirm the CSR files sent are 2048 strength or the request will be rejected.
- Term (Choose from 1yr, 2yr, or 3yr Option)
- CSR (Generated by Web Server Software)
- E-mail finalized Digital Measures SSL Request Form to email@example.com
Step 2 – Received SSL Certificates
- Both Primary Issuer and Requester will be notified via e-mail when a SSL Certificate has been approved and validated by the In Common System.
Note: CSR = Certificate signing request