skip to primary navigationskip to content
 

Eligibility and restrictions

Certificates can be issued for servers using host names in the cam.ac.uk domain. This includes servers operated by the Colleges and other 'related institutions' of the University, providing they are content to be described within the certificate as being part of the University.

It is possible to issue certificates for host names in other domains, providing these domains are shown in the relevant registries as belonging to the University itself. However this is at University Information Services' (UIS) discretion and additional charges may apply in some cases. Certificates are not available for servers using host names in domains which are not owned by the University (and so not for domains owned by the Colleges or other 'related institutions'). Certificates are not available for servers using host names in unregistered domains such as .local.

Requests for certificates must be made by a recognised representative of the University institution to which the server's host name is assigned. This will normally be either a member of the lookup 'Management Group' for the relevant University institution, or someone with update access to the relevant part of the University's IP Address database. For certificates for host names in non-cam.ac.uk domains, particularly if the relevant server is hosted outside the University, it may be difficult to establish who is authorised to request certificates. Please contact if clarification is required in particular cases.

TLS certificates contain various standardised pieces of information. For certificates issued under this scheme some of these pieces of information must have particular values (see 'Application Process' for details).

The correct operation of TLS depends crucially on the server's private key being available to the server when needed and on it not being disclosed to third parties. Loss of access to the private key makes the corresponding certificate useless, and disclosure of the private key requires that the associated certificate be revoked. In both cases a replacement certificate will probably need to be issued for which a charge may be made. It is therefore important to backup the server's private key (and any associated pass phrase required for access), and to protect the key from disclosure. If private key is lost it is sometimes possible for the University to obtain a replacement certificate at no charge - if you need to re-request a certificate please contact for advice before simply requesting an additional certificate.

Links to the formal documents describing the certificate schemes are available - see 'Related information'.

Last updated: May 2015

UIS Service Status

Phone padded  Service status line: (01223) 463085
Website  Sign up for SMS/email status alerts
Website  Read major IT incident reports

UIS bITe-size bulletin


A regular newsletter aimed at the University's IT community, highlighting service and project news from UIS.

Sign up >  |  Back issues

RSS Feed Latest news

University Map coverage expanded

Nov 20, 2020

The UIS map team have recently completed work on increasing the coverage of the University Map. They have also updated the search index and improved the underlying system that compiles and displays the map.

TechLink Community programme and updates: October 2020

Oct 29, 2020

More than 100 TechLink members registered to join UIS Director, Prof. Ian Leslie's online TechLink Community event on Tuesday 20 October.

View all news