Skip to content Accessibility statement
Home>IT Services>Tools, software and services>SSL certificates

SSL certificates

An SSL certificate is a protocol for encrypting internet traffic and verifying server identity.

This is a specialist service available to administrators of IT systems and servers.

Key features

  • Certificates can be issued for hosts with a domain name system (DNS) in the york.ac.uk domain and for any domain owned by the University.
  • Each certificate has a lifetime of one to two years from the day it was issued.
  • SSL certificates can be used for financial transactions.

Access instructions

Request an SSL certificate

  • All certificates must use RSA keys of at least 2048 bits.
  • Certificate signing requests (CSRs) [anchor link to SF article will be added once the SF article is published] must use the SHA256 hash algorithm.

Available to staff (restrictions apply)

Authorised users can request this service.

Funded by the University

There isn't a cost to you for standard use. Charges apply for specialist certificates.

Additional information

The service is provided by JISC, and allows us to obtain the following types of certificates on behalf of the University:

Unless a specific certificate type is requested, we will issue an Organisation Validated certificate (OV). Extended Validation (EV) certificates are also available, if required.

If you're requesting an EV certificate, please let us know why it is needed.

OV and EV certificates are provided to you free of charge. IT Services purchase a bundle of credits each year to meet the University's needs based on the current number of certificates and expiry dates. 

You can have up to 50 SANs (alternative names) as part of the standard service.

The following specialist certificates can be purchased at £100 each:

  • Wildcard certificates (OV type) [waiting on feedback to establish if this still exists]

Access instructions

Request an SSL certificate

  • All certificates must use RSA keys of at least 2048 bits.
  • Certificate signing requests (CSRs) [anchor link to SF article will be added once the SF article is published] must use the SHA256 hash algorithm.

Contact for support

If you're experiencing technical issues and need advice, please contact IT Services.

Service commitments

It is your responsibility to:

  • follow the guidance on generating a CSR to ensure that a certificate can be issued successfully the first time
  • respond to notifications of certificate expiry and make a new request if appropriate
  • inform IT Services about certificates that are no longer required so they can be revoked.

The following policies apply to all IT services provided by the University.

Availability

  • This is a live service, available 24/7.

Support

  • This service is managed by IT Services.
  • We are responsible for monitoring, identifying and fixing faults.
  • Support is available during our opening hours.

Standards

  • Our service performance and standards have been produced in consultation with our customers, and we monitor the delivery, performance and availability of facilities and services.

We appreciate feedback as it helps us review and continually improve our service.

Page last reviewed: 9 September 2024