SSL certificates

Related pages

Resources for DCOs

This is a specialist service available to administrators of IT systems and servers.

Administrators can request SSL certificates for any service hosted under york.ac.uk, or other domains legally owned by the University.

Request an SSL certificate »

Overview
Instructions
Help & troubleshooting
Our commitments
Your responsibilities

Overview

Eligibility

Departmental Computing Officers (DCOs) and IT Services staff can request certificates.

Types of certificate

The service is provided by JISC, and allows us to obtain the following types of certificates on behalf of the University:

Certificate types (JISC)

Unless a specific certificate type is requested, we will issue an Organisation Validated certificate (OV). Extended Validation (EV) certificates are also available, if required.

If you're requesting an EV certificate, please let us know why it is needed.

Charges

OV and EV certificates are provided to you free of charge. IT Services purchase a bundle of credits each year to meet the University's needs based on the current number of certificates and expiry dates.

You can have up to 50 SANs (alternative names) as part of the standard service.

The following specialist certificates can be purchased at £100 each:

Wildcard certificates (OV type)

About the certificates

All certificates must use RSA keys of at least 2048 bits
All certificate signing requests (CSRs) must use the SHA256 hash algorithm - SHA1 is no longer supported.
All certificates are signed and issued by QuoVadis but the request and issuing process is managed by IT Services (via JISC).
Certificates can be issued for hosts with a DNS entry in the .york.ac.uk domain and for any domain that is legally owned by the University.
Certificates can have a lifetime of of 1-2 years from the day of issuance.
Certificates can now be used for financial transactions.

Instructions

Generate a certificate signing request (CSR)

Help & troubleshooting

Help

JISC Certificate Service community

Library & IT Help Desk

If you're having problems with any aspect of SSL certificates, get in touch with the IT Support.

Our commitments

Service status	Live and supported service.
Hours of service	24/7
Service support	For help and support with this service, contact the IT Support.
Hours of support	Help from the Library & IT Help Desk is available 9am to 5pm, Monday to Friday.
Target availability	General IT Services targets: Information Services Service Standards
Our performance	Our service standards have been produced in consultation with our customers, and monitor the quality, timeliness and access to facilities and services: Information Services Service Standards
Complaints procedure	If you wish to give us general feedback on this service, please see our Feedback page for ways to get in touch. If you wish to make a complaint, please see our complaints procedure.

Your responsibilities

It is your responsibility to:

Follow the guidance on generating a CSR to ensure that a certificate can be issued successfully first time
Respond to notifications of certificate expiry and make a new request if appropriate
Inform IT Services about certificates that are no longer required so they can be revoked