SSL Server Certificates - InCommon

Service Initiation

http://www.columbia.edu/acis/sy/services/sslcertificate.html

Support

Service Support Contact:

CUIT Helpdesk

CUIT Helpdesk Service Hours

Phone Support - 212-854-1919 Hours:

Sunday: 3pm-11pm

Monday – Thursday: 8am-11pm

Friday: 8am-7pm

Saturday: 10am-6pm

Email/Web/online Support askcuit@columbia.edu

Hours: Monday-Friday 9am-5pm

Helpdesk Support Center walk-up facility at 202 Philosophy Hours:

Monday- Friday 10am-6pm

Service Targets:

Cert requests will be turned around in 5 business days

Service Contact:

Matt Selsky

CUIT Executive Owner:

Alan Crosswell, Technology Infrastructure

Service Description

CUIT offers free standard, SAN, and wildcard SSL certificates through membership in the InCommon Cert Service.

Status:

Active

Details

CUIT has paid for a bulk license with for the InCommon Certificate Service for unlimited standard, SAN, and wildcard SSL certificates. These certs are provided by Comodo, a leading commercial provider of certificates through an arrangement with the Internet2 InCommon consortium.

SSL Certificates

Columbia University Information Technology has purchased a block of SSL Server Certificates from InCommon. These are available to the Columbia community at zero cost.

Who Is Eligible? What Domains Are Eligible?

All Columbia University departments and affiliates can use this service. CUIT will sign certificates for domains in columbia.edu and other domains controlled by Columbia University departments and affiliates.

Will CUIT Approve Certificate Signing Requests Submitted Via Other Certificate Authorities?

No. CUIT will only approve certificate requests submitted via CUIT's InCommon SSL Certificate portal. We will not authorize requests submitted via other Certificate Authorities.

Why Use A CUIT InCommon SSL Certificate?

We offer standard SSL, Unified Communication, multi-domain, and wildcard certificates; all at zero cost.

How Long Is A CUIT InCommon SSL Certificate Good For?

Certificates are valid for 1 year from when they are issued. You will receive email directly from InCommon starting 30 days before the certificate expires.

How Do I Request Or Renew A CUIT InCommon SSL Certificate?

Visit the request form. You will be required to login with your UNI and password.

You may submit a renewal request up to 30 days in advance of your certificate's expiration.

How Long Does It Take For InCommon To Sign My Certificate Request?

Approvals may take up to 5 business days. Initial requests for non-.columbia.edu domains will take longer, will require additional information to be submitted, and changes to the DNS records by the WHOIS admin contact.

Wildcard certificates require additional validation by the certificate authority; you may be contacted for additional information.

What Is The Minimum Length For Certificate Keys?

Certificate keys must be at least 2048-bit. 1024-bit keys are no longer accepted. For more information, see InCommon's key length documentation.

Reusing CSRs and Keys for Certificates

Certificate Signing Requests (CSR) and their keys shall not be reused. Users must generate and submit new CSRs whenever certificates are renewed.

Standard Service Features

Standard, SAN, and wildcard SSL certificates.

Standard Costs:

No charge to schools, departments, affiliates.

Service Eligibility

Columbia University departments and affiliates.