Questions relating to the administration of the certificate scheme should be emailed to tlscerts@uis.cam.ac.uk.
General questions from Computer Officers and TechLinks about configuring TLS clients and using certificates should be referred to the Service Desk.
When generating Certificate Signing Requests, users of OpenSSL may find this configuration file useful when working with the 'openssl req' command, or find this Python script helpful (run with --help for instructions).
Two local tools are available for checking certificates:
- The Certificate Display Page can be used to decode certificates and display some of their content. This is useful for checking expiry dates, what hosts a certificates is valid for, etc. Certificates can be uploaded to this page, or it can collect certificates from existing servers.
- The SHA-1 Certificate Test Page shows how a web site will be affected by plans by Google and others to phase out support for certificates using the SHA-1 signature algorithm.
In addition, QuoVadis provide a collection of useful tools on their web site.
Jisc's page about the certificate scheme used by UIS is at: https://www.jisc.ac.uk/certificate-service.
The Terms and Conditions of the Jisc service can be viewed at: https://community.ja.net/library/janet-services-documentation/jcs-terms-and-conditions.
Use of QuoVadis certificates is governed by the QuoVadis Certificate Holder Agreement. This in turn refers to QuoVardis's Certificate Policy/Certification Practice Statement for Root CA2.
You can check the status of a certificate that you requested on the UIS TLS Certificates administration site, or by contacting tlscerts@uis.cam.ac.uk. To revoke a certificate, please contact tlscerts@uis.cam.ac.uk.
Last updated: January 2019