Tip |
---|
title | InCommon Certificate Service SSO and MFA Available |
---|
|
The use of single sign-on and multifactor authentication for accessing the Comodo Certificate Manager is available to any subscriber that also operates an Identity Provider in the InCommon Federation. See this wiki page for details. |
InCommon Certificate Types
This page includes links to technical documents and service endpoints for each of the certificate types issued by the InCommon Certificate Service.
...
The intermediate CA known as the "InCommon RSA Server CA 2", which uses the SHA-2 hash algorithm, was deployed on September 22November 1, 20142023.
- Certificate Chain:
- AddTrust External CA RootAAA Certificate Services [PEM]
- USERTrust RSA Certification Authority [DERPEM]
- InCommon RSA Server CA 2 [DERPEM]
- End-Entity Certificate
Certificate Revocation List:
HTML |
---|
http://crl.incommon-rsa.org/InCommonRSAServerCA.crl |
Online Certificate Status Protocol:
HTML |
---|
http://ocsp.incommon.org |
...
Organizational Validation SSL/TLS Certificates
The intermediate CA known as the InCommon Server CA was deployed on February 1, 2011. Prior to that date, Organizational Validation (OV) SSL/TLS end-entity certificates were signed by the COMODO High Assurance Secure Server CA.
- Chain:
HTML |
---|
<br><span style="margin-left: 3em; line-height: 150%"><a href="https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=10&nav=0,1">AddTrust External CA Root</a> [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.pem">PEM</a>]</span>
<br><span style="margin-left: 5em; line-height: 150%">InCommon Server CA [<a href="https://www.incommon.org/cert/repository/InCommonServerCA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/InCommonServerCA.pem">PEM</a>]</span>
<br><span style="margin-left: 7em; line-height: 150%">End-Entity Certificate</span>
|
- Intermediate CA Bundle for OV SSL/TLS Certificates
- Certification Practices Statement for OV SSL/TLS CertificatesCertificate Profile for OV SSL/TLS Certificates
Certificate Revocation List:
incommonorgInCommonServerCA
Online Certificate Status Protocol:
incommonorg
Tip |
---|
To test the freshness of the CRL, type the following command: $ curl -s http://crl.incommonsectigo.orgcom/InCommonServerCAInCommonServerCA2.crl | openssl crl -inform DER -noout -lastupdate -nextupdate
|
...
Extended Validation (EV) SSL/TLS Certificates became available on March 10, 2011.
Certificate Chain:
<br><span style="margin-left: 3em; line-height: 150%" |
><a href="https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=10&nav=0,1">AddTrust External CA Root</a>>AAA Certificate Services [<a href="https:// |
wwwincommon.org/cert/repository/AddTrustExternalCARoot.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.pemat.internet2.edu/download/attachments/24576265/AAA%20Certificate%20Services.pem?api=v2">PEM</a>]</span>
<br><span style="margin-left: 5em; line-height: 150%" |
><a href="https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=104&nav=0,1,22">COMODO Certification Authority</a>>USERTrust RSA Certification Authority [<a href="https:// |
wwwincommon.org/cert/repository/COMODOAddTrustServerCA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/COMODOAddTrustServerCA.pemat.internet2.edu/download/attachments/24576265/USERTrust%20RSA%20Certification%20Authority.pem?api=v2">PEM</a>]</span>
<br><span style="margin-left: 7em; line-height: 150%" |
><a href="https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=103&nav=0,1,22">COMODO>Sectigo RSA Extended Validation Secure Server |
CA</a>wwwincommon.org/cert/repository/COMODOExtendedValidationSecureServerCA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/COMODOExtendedValidationSecureServerCA.pemat.internet2.edu/download/attachments/24576265/Sectigo%20RSA%20Extended%20Validation%20Secure%20Server%20CA.pem?api=v2">PEM</a>]</span>
<br><span style="margin-left: 9em; line-height: 150%">End-Entity Certificate</span>
|
- Intermediate CA Bundle for EV SSL/TLS Certificates
- Certification Practices Statement for EV SSL/TLS Certificates
- Certificate Profile for EV SSL/TLS Certificates
Certificate Revocation List:
comodocaCOMODOExtendedValidationSecureServerCASectigoRSAExtendedValidationSecureServerCA.crl |
Online Certificate Status Protocol:
comodoca
IGTF Server Certificates
InCommon offers IGTF server certificates for use by subscribers who are also active with the IGTF grid community. Note: Unless you are running a server as part of the IGTF grid (see the IGTF website) these certificates are NOT what you need. Request a normal InCommon server certificate instead.
The intermediate CA known as the InCommon RSA IGTF Server CA 3 was deployed on July 717, 20142023.
- Certificate Chain:
- AddTrust External CA Root
- AAA Certificate Services (root) [PEM]
- USERTrust COMODO RSA Certification Authority [DERPEM]
- InCommon RSA IGTF Server CA 3 [DERPEM]
- End-Entity Certificate
- Certificate Revocation List: http://crl.incommon-igtfsectigo.orgcom/InCommonIGTFServerCAInCommonRSAIGTFServerCA3.crl
- Online Certificate Status Protocol: http://ocsp.incommon-igtfsectigo.orgRepository: https://www.incommon.org/certificates/igtf/com
- Certification Practices Statement for IGTF certificates
...
HTML |
---|
<br><span style="margin-left: 3em; line-height: 150%">AddTrust>AAA ExternalCertificate CAServices Root [<a href="https://wwwspaces.incommon.org/cert/repository/AddTrustExternalCARoot.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.pemat.internet2.edu/download/attachments/24576265/AAA%20Certificate%20Services.pem?api=v2">PEM</a>]</span>
<br><span style="margin-left: 5em; line-height: 150%">USERTrust RSA Certification Authority [<a href="https://www.incommon.org/cert/repository/USERTrustRSAClient_CA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/USERTrustRSAClient_CA.pem">PEM</a>]</span>
<br><span style="margin-left: 7em; line-height: 150%">InCommon RSA Standard Assurance Client CA 2 [<a href="https://wwwspaces.incommon.org/cert/repository/InCommonRSAStandardAssuranceClientCA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/InCommonRSAStandardAssuranceClientCA.pemat.internet2.edu/download/attachments/24576265/InCommon%20RSA%20Standard%20Assurance%20Client%20CA%202.pem?api=v2">PEM</a>]</span>
<br><span style="margin-left: 9em; line-height: 150%">End-Entity Certificate</span> |
SHA-1 Standard Assurance Client Certificates (deprecated)
The intermediate CA known as the InCommon Standard Assurance Client CA was deployed on March 10, 2011.
Certificate Chain:
HTML |
<br><span style="margin-left: 3em; line-height: 150%"><a href="https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=10&nav=0,1">AddTrust External CA Root</a> [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.pem">PEM</a>]</span>
<br><span style="margin-left: 5em; line-height: 150%"><a href="https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=114&nav=0,1">UTN-USERFirst-Client Authentication and Email</a> [<a href="https://www.incommon.org/cert/repository/UTNAddTrustClient_CA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/UTNAddTrustClient_CA.pem">PEM</a>]</span>
<br><span style="margin-left: 7em; line-height: 150%">InCommon Standard Assurance Client CA [<a href="https://www.incommon/cert/repository/InCommonStandardAssuranceClientCA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/InCommonStandardAssuranceClientCA.pem">PEM</a>]</span>
<br><span style="margin-left: 9em; line-height: 150%">End-Entity Certificate</span>
Anchor |
---|
| code-signing-certs |
---|
| code-signing-certs |
---|
|
...
...
The intermediate CA known as the InCommon Code Signing CA (SHA-1) was deployed on June 30, 2011.
Certificate Chain:
<br><span style="margin-left: 3em; line-height: 150%" |
><a href="https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=10&nav=0,1">AddTrust External CA Root</a> >AAA Certificate Services [<a href="https:// |
wwwincommon.org/cert/repository/AddTrustExternalCARoot.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.pemat.internet2.edu/download/attachments/24576265/AAA%20Certificate%20Services.pem?api=v2">PEM</a>]</span>
<br><span style="margin-left: 5em; line-height: 150%" |
><a href="https://support.comodo.com/index.php?_m=downloads&_a=view&parentcategoryid=24&pcid=1&nav=0,1">UTN-USERFirst-Object</a>>Sectigo Public Code Signing Root R46 [<a href="https:// |
wwwincommon.org/cert/repository/UTN-USERFirst-Object.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/UTN-USERFirst-Object.pemat.internet2.edu/download/attachments/24576265/Sectigo%20Public%20Code%20Signing%20Root%20R46.pem?api=v2">PEM</a>]</span>
<br><span style="margin-left: 7em; line-height: 150%" |
>InCommon>Sectigo Public Code Signing CA R36 [<a href="https:// |
wwwincommon.org/cert/repository/InCommonCodeSigningCA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/InCommonCodeSigningCA.pemat.internet2.edu/download/attachments/24576265/Sectigo%20Public%20Code%20Signing%20CA%20R36.pem?api=v2">PEM</a>]</span>
<br><span style="margin-left: 9em; line-height: 150%">End-Entity Certificate</span>
|
The following information is common to both the SHA-1 and SHA-2 InCommon intermediate CAs:
...