InCommon CA or UW CA?
In general, use InCommon CA if the certificate is for website SSL, and UW CA if the certificate is for authenticating to a UW web service (e.g. student web service or person web service). For more information see CA comparison.
InCommon certificates have a maximum lifetime of two years starting 2018-03-01. This change affects all publicly trusted CAs. See CAB Ballot 193 for more information. The UWCA is not a publicly trusted CA and continues to issue three year certificates.
- Server certificates for website SSL
- InCommon CA is rooted in a commercial CA certificate trusted by browsers and OSes.
- Accepts certificate requests via the UW Certificate Services website.
- Supports server certificates for UW websites and other services.
- Supports unlimited server certificates for all UW-owned domains approved by InCommon.
- Wildcard certificates available to registered owners of approved domains.
- Certificates issued at no additional cost to UW departments; part of the basic services bundle.
- End users don't need to install any additional root certificates.
- Server admins must install the InCommon CA intermediate certificate.
- Trusted by the UW pubcookie keyserver for keyclient authentication.
- Not trusted by some UW Web Services for client authentication.
UW Services CA
- Client certificates for interaction with UW Web Services