IAM in Service Catalog
Describe how to renew an X.509 certificate from the InCommon CA via the UW Certificate Services website.
As part of the SHA-1 to SHA-2 migration (see Transition to InCommon SSL Certificates Signed with SHA-2), we've disabled renewals for InCommon SHA-1 certificates. At this point, renewal of a SHA-1 certificate would result in another SHA-1 certificate with a limited lifespan. There is no way to renew a SHA-1 certificate and get a SHA-2 certificate. As your InCommon SHA-1 certificate approaches its expiration date, you will need to request a new InCommon certificate. New certificates will be available with 1, 2, or 3 year lifespans and they will be signed with SHA-2. The renew option is available for InCommon SHA-2 certificates.
Example: Email Notification
From: UW Certificate Services email@example.com Reply-To: firstname.lastname@example.org To: email@example.com Cc: firstname.lastname@example.org, email@example.com, firstname.lastname@example.org Subject: Certificate #1234 issued for www.spud.washington.edu Certificate #1234 for www.spud.washington.edu has been issued by InCommon. Certificate Details: Common name: www.spud.washington.edu Renewed: Fri Aug 12 13:06:03 PDT 2011 by you Expires: Mon Aug 11 16:59:59 PDT 2014 InCommon ID: 56765 You may retrieve the certificate from the UW Certificate Service website: https://iam-tools.u.washington.edu/cs/cert?id=1234 ** Tip ** : UW Certificate Services determines ownership of certificate requests and sends email notifications based on contact information in DNS managed by UW-IT. You are receiving this message because you requested this certificate or because you're a registered DNS contact for the certificate's common name or one of its alternative names. Requests for changes to the contact list for your DNS name(s) should be emailed to email@example.com.