SSL certificates
An SSL certificate is a protocol for encrypting internet traffic and verifying server identity.
This is a specialist service available to administrators of IT systems and servers.
Key features
- Certificates can be issued for hosts with a domain name system (DNS) in the york.ac.uk domain and for any domain owned by the University.
- Each certificate has a lifetime of one to two years from the day it was issued.
- SSL certificates can be used for financial transactions.
Access instructions
- All certificates must use RSA keys of at least 2048 bits.
- Certificate signing requests (CSRs) [anchor link to SF article will be added once the SF article is published] must use the SHA256 hash algorithm.
Available to staff (restrictions apply)
Authorised users can request this service.
Funded by the University
There isn't a cost to you for standard use. Charges apply for specialist certificates.
Additional information
The service is provided by JISC, and allows us to obtain the following types of certificates on behalf of the University:
- Certificate types (jisc.ac.uk)
Unless a specific certificate type is requested, we will issue an Organisation Validated certificate (OV). Extended Validation (EV) certificates are also available, if required.
If you're requesting an EV certificate, please let us know why it is needed.
OV and EV certificates are provided to you free of charge. IT Services purchase a bundle of credits each year to meet the University's needs based on the current number of certificates and expiry dates.
You can have up to 50 SANs (alternative names) as part of the standard service.
The following specialist certificates can be purchased at £100 each:
- Wildcard certificates (OV type) [waiting on feedback to establish if this still exists]
Access instructions
- All certificates must use RSA keys of at least 2048 bits.
- Certificate signing requests (CSRs) [anchor link to SF article will be added once the SF article is published] must use the SHA256 hash algorithm.
Guides and help
How-to guides and set up
Contact for support
If you're experiencing technical issues and need advice, please contact IT Services.
Service commitments
It is your responsibility to:
- follow the guidance on generating a CSR to ensure that a certificate can be issued successfully the first time
- respond to notifications of certificate expiry and make a new request if appropriate
- inform IT Services about certificates that are no longer required so they can be revoked.
The following policies apply to all IT services provided by the University.
Availability
- This is a live service, available 24/7.
Support
- This service is managed by IT Services.
- We are responsible for monitoring, identifying and fixing faults.
- Support is available during our opening hours.
Standards
- Our service performance and standards have been produced in consultation with our customers. We regularly monitor the delivery, performance and availability of facilities and services.
We appreciate feedback as it helps us review and continually improve our service.
Page last reviewed: 9 September 2024