The use of single sign-on and multifactor authentication for accessing the Comodo Certificate Manager is available to any subscriber that also operates an Identity Provider in the InCommon Federation. See this wiki page for details. |
The InCommon Certificate Service issues unlimited Extended Validation (EV) SSL/TLS certificates at no additional cost to subscribers. Because EV certificates require additional levels of validation for the requesting organization, our partner Comodo must handle all of the paperwork as well as the validation process for EV certificates.
InCommon and Comodo also offer Anchor Certificates, which pre-validates domains for future EV certificate requests. When you create an Anchor Certificate, you go through the same validation process as an EV certificate, with the anchor valid for approximately 13 months. The anchor is not an actual certificate, but when applied to all of your domains, you can request EV certificates with no further validation during the life of the anchor.
An extended validation certificate is a X.509 public key infrastructure (PKI) digital certificate in which identifying information about the business entity holding the certificate for a web site or other server has been validated by the certificate authority (CA). The CA uses a standardized set of requirements that also set requirements for auditing, revocation and certificate content. Extended validation certificates are generally considered to be high assurance certificates as that term is used within the PKI community.
EV certificates have higher validation requirements and are issued by Comodo under a separate Certification Authority (CA). Because of the formal requirements that all EV certificates must comply with, Comodo must manage the validation process with separate governing legal terms. For EV certificates, InCommon subscription covers the fees and the same Certificate management interface, while Comodo directly engages with the university on legal and validation terms.
Be sure to list all domains for which you intend to request EV certificates in both the Legal Opinion and the EV Certificate Request Form. Listing the parent domain will cover all sub-domains. For example, listing foo.edu is sufficient to cover web1.foo.edu, web2.foo.edu, etc.
Send via fax or email to Comodo:
Fax: 1-866-446-7704
Email: evdocs@comodo.com
Please note your order number on all three forms to speed the process with Comodo.
Comodo will verify the organization in one of two ways.
For private institutions, the official corporate records must be obtained or verified directly with the Registration Authority (generally the Secretary of State).
For government entities, legal existence can be verified by a verified legal opinion authored by an attorney representing the applicant, or a judge in the same political sub-division as the applicant. See the sample Legal Opinion Letter.
Please include the order number on the document, on a cover sheet, or in the accompanying email message. If, later, you need to add a domain not included in your original Legal Opinion Letter, you can re-use the letter (provided it is for the same organization), but please include the new order number.
If you have multiple domain names, list them all on this form. There are two different forms; choose the form that fits your situation:
You can use one Certificate Request Form for multiple orders submitted at the same time. Otherwise, each order requires its own Certificate Request Form.