Skip to end of metadata
Go to start of metadata

Overview

UW Certificate Services enables self-service requests by registered owners of DNS names to obtain X.509 certificates from the UW Services CA and InCommon CA.

Registered owners of DNS names can manage their certificates via the UW Certificate Services website at https://iam-tools.u.washington.edu/cs/

Authorization is based on registered contact information for DNS names managed in UW DNS, and based on UW group memberships for DNS names managed outside of UW DNS.

InCommon CA

Recommended for:

  • Server certificates for website SSL

Features:

  • Accepts certificate requests via the UW Certificate Services website.
  • Supports server certificates for UW websites and other services.
  • Supports unlimited server certificates for all UW-owned domains approved by InCommon.
  • Wildcard certificates available to registered owners of approved domains.
  • Certificates issued at no additional cost to UW departments; part of the basic services bundle.
  • InCommon CA is rooted in a commercial CA certificate trusted by browsers and OSes.
  • End users don't need to install any additional root certificates.
  • Server admins must install the InCommon CA intermediate certificate.
  • Trusted by the UW pubcookie keyserver for keyclient authentication.
  • Not trusted by some UW Web Services for client authentication.

Documentation:

UW Services CA

Recommended for:

  • Client certificates for interaction with UW Web Services

Features:

  • Accepts certificate requests via the UW Certificate Services website.
  • Supports server certificates for UW websites and other services.
  • Supports client certificates for UW applications for TLS client authentication.
  • Not trusted by default by browsers and operating systems.
  • To avoid browser warnings, end users must install the UW Services CA root certificate.
  • Trusted by the UW pubcookie keyserver for keyclient authentication.
  • Trusted by most UW Web Services for client authentication.

Documentation:

 

 

See Also