Tip | ||
---|---|---|
| ||
The use of single sign-on and multifactor authentication for accessing the Comodo Certificate Manager is available to any subscriber that also operates an Identity Provider in the InCommon Federation. See this wiki page for details. |
InCommon Certificate Types
This page includes links to technical documents and service endpoints for each of the certificate types issued by the InCommon Certificate Service.
Contents:
Table of Contents |
---|
Anchor | ||||
---|---|---|---|---|
|
SSL/TLS Certificates
SHA-2 Server Certificates
The intermediate CA known as the "InCommon RSA Server CA 2", which uses the SHA-2 hash algorithm, was deployed on November 1, 2023.
- Certificate Chain:
- Certification Practices Statement for OV SSL/TLS Certificates
Certificate Revocation List:
HTML http://crl.sectigo.com/InCommonRSAServerCA2.crl
Online Certificate Status Protocol:
HTML http://ocsp.sectigo.com
Tip |
---|
To test the freshness of the CRL, type the following command:
|
Anchor | ||||
---|---|---|---|---|
|
Extended Validation SSL/TLS Certificates
Extended Validation (EV) SSL/TLS Certificates became available on March 10, 2011.
Certificate Chain:
HTML <br><span style="margin-left: 3em; line-height: 150%">AAA Certificate Services [<a href="https://spaces.at.internet2.edu/download/attachments/24576265/AAA%20Certificate%20Services.pem?api=v2">PEM</a>]</span> <br><span style="margin-left: 5em; line-height: 150%">USERTrust RSA Certification Authority [<a href="https://spaces.at.internet2.edu/download/attachments/24576265/USERTrust%20RSA%20Certification%20Authority.pem?api=v2">PEM</a>]</span> <br><span style="margin-left: 7em; line-height: 150%">Sectigo RSA Extended Validation Secure Server CA [<a href="https://spaces.at.internet2.edu/download/attachments/24576265/Sectigo%20RSA%20Extended%20Validation%20Secure%20Server%20CA.pem?api=v2">PEM</a>]</span> <br><span style="margin-left: 9em; line-height: 150%">End-Entity Certificate</span>
- Intermediate CA Bundle for EV SSL/TLS Certificates
- Certification Practices Statement for EV SSL/TLS Certificates
- Certificate Profile for EV SSL/TLS Certificates
Certificate Revocation List:
HTML http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl
Online Certificate Status Protocol:
HTML http://ocsp.sectigo.com
IGTF Server Certificates
InCommon offers IGTF server certificates for use by subscribers who are also active with the IGTF grid community. Note: Unless you are running a server as part of the IGTF grid (see the IGTF website) these certificates are NOT what you need. Request a normal InCommon server certificate instead.
The intermediate CA known as the InCommon RSA IGTF Server CA 3 was deployed on July 17, 2023.
- Certificate Chain:
- Certificate Revocation List: http://crl.sectigo.com/InCommonRSAIGTFServerCA3.crl
- Online Certificate Status Protocol: http://ocsp.sectigo.com
- Certification Practices Statement for IGTF certificates
Anchor | ||||
---|---|---|---|---|
|
Client Certificates
SHA-2 Standard Assurance Client Certificates
The intermediate CA known as the InCommon RSA Standard Assurance Client CA was deployed on September 18, 2014.
- Certificate Chain:
HTML |
---|
<br><span style="margin-left: 3em; line-height: 150%">AAA Certificate Services [<a href="https://spaces.at.internet2.edu/download/attachments/24576265/AAA%20Certificate%20Services.pem?api=v2">PEM</a>]</span>
<br><span style="margin-left: 5em; line-height: 150%">USERTrust RSA Certification Authority [<a href=" |
InCommon Certificate Types
Server Certificates
Domain Validation SSL/TLS Certificates
- Certificate Chain:
Wiki Markup [AddTrust External CA Root|https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=10&nav=0,1] \[[Text|https://www.incommon.org/cert/repository/AddTrustExternalCARoot.txt]\] \[[PEM|https://www.incommon.org/cert/repository/AddTrustExternalCARoot.pem]\]
Wiki Markup InCommon Server CA \[[Text|https://www.incommon.org/cert/repository/InCommonServerCA.txt]\] \[[PEM|https://www.incommon.org/cert/repository/InCommonServerCA.pem]\]
- End-Entity Certificate
- Intermediate CA Apache Bundle
- Certificate Revocation List
- Online Certificate Status Protocol
- Certification Practices Statement
- Certificate Profile
Extended Validation SSL/TLS Certificates
...
Wiki Markup |
---|
[AddTrust External CA Root|https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=10&nav=0,1] \[[Text|https://www.incommon.org/cert/repository/AddTrustExternalCARoot.txt]\] \[[PEM|https://www.incommon.org/cert/repository/AddTrustExternalCARoot.pem]\] |
...
https://www.incommon.org/cert/repository/ |
...
USERTrustRSAClient_CA.txt">Text</a>] |
...
|
...
[<a href="https://www.incommon.org/cert/repository/ |
...
USERTrustRSAClient_CA.pem">PEM</a>]</span> <br><span style="margin-left: 7em; line-height: 150%">InCommon RSA Standard Assurance Client CA 2 [<a href="https://spaces.at.internet2.edu/download/attachments/24576265/InCommon%20RSA%20Standard%20Assurance%20Client%20CA%202.pem?api=v2">PEM</a>]</span> <br><span style="margin-left: 9em; line-height: 150%">End-Entity Certificate</span> |
- Intermediate CA Bundle for Standard Client Certificates
- Certification Practices Statement for Standard Client Certificates
]\]Wiki Markup [COMODO Extended Validation Secure Server CA|https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=103&nav=0,1,22] \[[Text|https://www.incommon.org/cert/repository/COMODOExtendedValidationSecureServerCA.txt]\] \[[PEM|https://www.incommon.org/cert/repository/COMODOExtendedValidationSecureServerCA.pem]\]
- End-Entity Certificate
Certificate Revocation List:
HTML http://crl.
comodoca.com/COMODOExtendedValidationSecureServerCAincommon-rsa.org/InCommonRSAStandardAssuranceClientCA.crl
Online Certificate Status Protocol:
HTML http://ocsp.
comodoca.com- Certification Practices Statement
- Certificate Profile
Client Certificates
Standard Assurance Personal Certificates
incommon-rsa.org
Anchor | ||||
---|---|---|---|---|
|
Code-signing Certificates
The intermediate CA known as the InCommon RSA Code Signing CA (SHA-2) was deployed on September 19, 2014.
- Certificate Chain:
- Certificate Chain
- Please click here to see the cert chain:
- Certificate Chain
- _m=downloads&_a=viewdownload&downloaditemid=10&nav=0,1] \[[Text|https://www.incommon.org/cert/repository/AddTrustExternalCARoot.txt]\] \[[PEM|https://www.incommon.org/cert/repository/AddTrustExternalCARoot.pem]\]
Wiki Markup UTN-USERFirst-Client Authentication and Email \[[Text|https://www.incommon.org/cert/repository/UTNAddTrustClient_CA.txt]\] \[[PEM|https://www.incommon.org/cert/repository/UTNAddTrustClient_CA.pem]\]
Wiki Markup InCommon Standard Assurance Client CA \[[Text|https://www.incommon.org/cert/repository/InCommonStandardAssuranceClientCA.txt]\] \[[PEM|https://www.incommon.org/cert/repository/InCommonStandardAssuranceClientCA.pem]\]
- End-Entity Certificate
The intermediate CA known as the InCommon Code Signing CA (SHA-1) was deployed on June 30, 2011.
Certificate Chain:
HTML <br><span style="margin-left: 3em; line-height: 150%">AAA Certificate Services [<a href="https://spaces.at.internet2.edu/download/attachments/24576265/AAA%20Certificate%20Services.pem?api=v2">PEM</a>]</span> <br><span style="margin-left: 5em; line-height: 150%">Sectigo Public Code Signing Root R46 [<a href="https://spaces.at.internet2.edu/download/attachments/24576265/Sectigo%20Public%20Code%20Signing%20Root%20R46.pem?api=v2">PEM</a>]</span> <br><span style="margin-left: 7em; line-height: 150%">Sectigo Public Code Signing CA R36 [<a href="https://spaces.at.internet2.edu/download/attachments/24576265/Sectigo%20Public%20Code%20Signing%20CA%20R36.pem?api=v2">PEM</a>]</span> <br><span style="margin-left: 9em; line-height: 150%">End-Entity Certificate</span>
The following information is common to both the SHA-1 and SHA-2 InCommon intermediate CAs:
- Certification Practices Statement for Code-Signing Certificates
Certificate Revocation List:
HTML http://crl.
incommonsectigo.
orgcom/
InCommonStandardAssuranceClientCASectigoPublicCodeSigningRootR46.crl
Online Certificate Status Protocol:
HTML http://ocsp.
incommon.org- Certification Practices Statement
- Certificate Profile
Bronze Assurance Personal Certificates
Not yet available
Silver Assurance Personal Certificates
Not yet available
Gold Assurance Personal Certificates
Not yet available
Code-signing Certificates
...
sectigo.com