InCommon Cert Types

InCommon Certificate Types

This page includes links to technical documents and service endpoints for each of the certificate types issued by the InCommon Certificate Service.

Contents:

SSL/TLS Certificates

SHA-2 Server Certificates

The intermediate CA known as the InCommon RSA Server CA, which uses the SHA-2 hash algorithm, was deployed on September 22, 2014.

• Certificate Chain (Comodo's version of the chain):
  • USERTrust Secure [DER]
  • InCommon RSA Server CA [DER] [PEM]
  • End-Entity Certificate
• Certification Practices Statement for OV SSL/TLS Certificates

• Certificate Revocation List:http://crl.incommon-rsa.org/InCommonRSAServerCA.crl

• Online Certificate Status Protocol:http://ocsp.incommon-rsa.org

Extended Validation SSL/TLS Certificates

Extended Validation (EV) SSL/TLS Certificates became available on March 10, 2011.

• Certificate Chain:
  AddTrust External CA Root [Text] [PEM]
  COMODO Certification Authority [Text] [PEM]
  COMODO Extended Validation Secure Server CA [Text] [PEM]
  End-Entity Certificate

• Intermediate CA Bundle for EV SSL/TLS Certificates
• Certification Practices Statement for EV SSL/TLS Certificates
• Certificate Profile for EV SSL/TLS Certificates

• Certificate Revocation List:http://crl.comodoca.com/COMODOExtendedValidationSecureServerCA.crl

• Online Certificate Status Protocol:http://ocsp.comodoca.com

IGTF Server Certificates

The intermediate CA known as the InCommon IGTF Server CA was deployed on July 7, 2014.

• Certificate Chain:
  • AddTrust External CA Root
  • COMODO RSA Certification Authority [DER]
  • InCommon IGTF Server CA [DER]
  • End-Entity Certificate

• Certificate Revocation List: http://crl.incommon-igtf.org/InCommonIGTFServerCA.crl
• Online Certificate Status Protocol: http://ocsp.incommon-igtf.org
• Certification Practices Statement for IGTF certificates

Client Certificates

SHA-2 Standard Assurance Client Certificates

The intermediate CA known as the InCommon RSA Standard Assurance Client CA was deployed on September 18, 2014.

• • Certificate Chain:

• • Intermediate CA Bundle for Standard Client Certificates
  • Certification Practices Statement for Standard Client Certificates

  • Certificate Revocation List:

    http://crl.incommon-rsa.org/InCommonRSAStandardAssuranceClientCA.crl

  • Online Certificate Status Protocol:

    http://ocsp.incommon-rsa.org

SHA-1 Standard Assurance Client Certificates (deprecated)

The intermediate CA known as the InCommon Standard Assurance Client CA was deployed on March 10, 2011.

• • Certificate Chain:
    AddTrust External CA Root [Text] [PEM]
    UTN-USERFirst-Client Authentication and Email [Text] [PEM]
    InCommon Standard Assurance Client CA [Text] [PEM]
    End-Entity Certificate

• • Intermediate CA Bundle for Standard Client Certificates
  • Certification Practices Statement for Standard Client Certificates
  • Certificate Profile for Standard Client Certificates

  • Certificate Revocation List:http://crl.incommon.org/InCommonStandardAssuranceClientCA.crl

  • Online Certificate Status Protocol:http://ocsp.incommon.org

Code-signing Certificates

The intermediate CA known as the InCommon RSA Code Signing CA (SHA-2) was deployed on September 19, 2014.

• • Certificate Chain
    • Please click here to see the cert chain: https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/992/108/incommon-code-signing-sha-2

The intermediate CA known as the InCommon Code Signing CA (SHA-1) was deployed on June 30, 2011.

• • Certificate Chain:
    AddTrust External CA Root [Text] [PEM]
    UTN-USERFirst-Object [Text] [PEM]
    InCommon Code Signing CA [Text] [PEM]
    End-Entity Certificate

The following information is common to both the SHA-1 and SHA-2 InCommon intermediate CAs:

• • Certification Practices Statement for Code-Signing Certificates

  • Certificate Revocation List:http://crl.incommon.org/InCommonCodeSigningCA.crl

  • Online Certificate Status Protocol:http://ocsp.incommon.org