SSL certificates
An SSL certificate is a protocol for encrypting internet traffic and verifying server identity.
This is a specialist service available to administrators of IT systems and servers.
Key features
- Certificates can be issued for hosts with a domain name system (DNS) in the york.ac.uk domain and for any domain owned by the University.
- Each certificate has a lifetime of one to two years from the day it was issued.
- SSL certificates can be used for financial transactions.
Access instructions
- All certificates must use RSA keys of at least 2048 bits.
- Certificate signing requests (CSRs) [anchor link to SF article will be added once the SF article is published] must use the SHA256 hash algorithm.
Additional information
Types of certificate
The service is provided by JISC, and allows us to obtain the following types of certificates on behalf of the University:
- Certificate types (jisc.ac.uk)
Unless a specific certificate type is requested, we will issue an Organisation Validated certificate (OV). Extended Validation (EV) certificates are also available, if required.
If you're requesting an EV certificate, please let us know why it is needed.
Charges
OV and EV certificates are provided to you free of charge. IT Services purchase a bundle of credits each year to meet the University's needs based on the current number of certificates and expiry dates.
You can have up to 50 SANs (alternative names) as part of the standard service.
The following specialist certificates can be purchased at £100 each:
- Wildcard certificates (OV type) [waiting on feedback to establish if this still exists]