InCommon Certificate Types
This page includes links to technical documents and service endpoints for each of the certificate types issued by the InCommon Certificate Service.
Contents:
SSL/TLS Certificates
SHA-2 Server Certificates
The intermediate CA known as the InCommon RSA Server CA, which uses the SHA-2 hash algorithm, was deployed on September 22, 2014.
- Certificate Chain:
Certificate Revocation List:
http://crl.incommon-rsa.org/InCommonRSAServerCA.crlOnline Certificate Status Protocol:
http://ocsp.incommon.org
Organizational Validation SSL/TLS Certificates
The intermediate CA known as the InCommon Server CA was deployed on February 1, 2011. Prior to that date, Organizational Validation (OV) SSL/TLS end-entity certificates were signed by the COMODO High Assurance Secure Server CA.
Certificate Chain:
AddTrust External CA Root [Text] [PEM]
InCommon Server CA [Text] [PEM]
End-Entity Certificate
- Intermediate CA Bundle for OV SSL/TLS Certificates
- Certification Practices Statement for OV SSL/TLS Certificates
- Certificate Profile for OV SSL/TLS Certificates
Certificate Revocation List:
http://crl.incommon.org/InCommonServerCA.crlOnline Certificate Status Protocol:
http://ocsp.incommon.org
To test the freshness of the CRL, type the following command:
$ curl -s http://crl.incommon.org/InCommonServerCA.crl | openssl crl -inform DER -noout -lastupdate -nextupdate
Extended Validation SSL/TLS Certificates
Extended Validation (EV) SSL/TLS Certificates became available on March 10, 2011.
Certificate Chain:
AddTrust External CA Root [Text] [PEM]
COMODO Certification Authority [Text] [PEM]
COMODO Extended Validation Secure Server CA [Text] [PEM]
End-Entity Certificate
- Intermediate CA Bundle for EV SSL/TLS Certificates
- Certification Practices Statement for EV SSL/TLS Certificates
- Certificate Profile for EV SSL/TLS Certificates
Certificate Revocation List:
http://crl.comodoca.com/COMODOExtendedValidationSecureServerCA.crl
Online Certificate Status Protocol:
http://ocsp.comodoca.com
IGTF Server Certificates
The intermediate CA known as the InCommon IGTF Server CA was deployed on July 7, 2014.
- Certificate Chain:
- Certificate Revocation List: http://crl.incommon-igtf.org/InCommonIGTFServerCA.crl
- Online Certificate Status Protocol: http://ocsp.incommon-igtf.org
- Repository: https://www.incommon.org/certificates/igtf/
Client Certificates
SHA-2 Standard Assurance Client Certificates
The intermediate CA known as the InCommon RSA Standard Assurance Client CA was deployed on September 18, 2014.
- Certificate Chain:
AddTrust External CA Root [Text] [PEM]
USERTrust RSA Certification Authority [Text] [PEM]
InCommon RSA Standard Assurance Client CA [Text] [PEM]
End-Entity Certificate=
- Intermediate CA Bundle for Standard Client Certificates
- Certification Practices Statement for Standard Client Certificates
Certificate Revocation List:
SHA-1 Standard Assurance Client Certificates (deprecated)
The intermediate CA known as the InCommon Standard Assurance Client CA was deployed on March 10, 2011.
Certificate Chain:
AddTrust External CA Root [Text] [PEM]
UTN-USERFirst-Client Authentication and Email [Text] [PEM]
InCommon Standard Assurance Client CA [Text] [PEM]
End-Entity Certificate
- Intermediate CA Bundle for Standard Client Certificates
- Certification Practices Statement for Standard Client Certificates
- Certificate Profile for Standard Client Certificates
Certificate Revocation List:
http://crl.incommon.org/InCommonStandardAssuranceClientCA.crlOnline Certificate Status Protocol:
http://ocsp.incommon.org
Code-signing Certificates
The intermediate CA known as the InCommon RSA Code Signing CA (SHA-2) was deployed on September 19, 2014.
- Certificate Chain
- Please click here to see the cert chain: https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/992/108/incommon-code-signing-sha-2
The intermediate CA known as the InCommon Code Signing CA (SHA-1) was deployed on June 30, 2011.
Certificate Chain:
AddTrust External CA Root [Text] [PEM]
UTN-USERFirst-Object [Text] [PEM]
InCommon Code Signing CA [Text] [PEM]
End-Entity Certificate
The following information is common to both the SHA-1 and SHA-2 InCommon intermediate CAs:
- Certification Practices Statement for Code-Signing Certificates
Certificate Revocation List:
http://crl.incommon.org/InCommonCodeSigningCA.crlOnline Certificate Status Protocol:
http://ocsp.incommon.org