InCommon Certificate Types
This page includes links to technical documents and service endpoints for each of the certificate types issued by the InCommon Certificate Service.
Contents:
SSL/TLS Certificates
SHA-2 Server Certificates
The intermediate CA known as the InCommon RSA Server CA, which uses the SHA-2 hash algorithm, was deployed on September 22, 2014.
- Certificate Chain:
- AddTrust External CA Root
- USERTrust RSA Certification Authority [DER]
- InCommon RSA Server CA [DER]
- End-Entity Certificate
- Certificate Revocation List:
{html}http://crl.incommon-rsa.org/InCommonRSAServerCA.crl{html} |
- Online Certificate Status Protocol:
{html}http://ocsp.incommon.org{html} |
Organizational Validation SSL/TLS Certificates
The intermediate CA known as the InCommon Server CA was deployed on February 1, 2011. Prior to that date, Organizational Validation (OV) SSL/TLS end-entity certificates were signed by the COMODO High Assurance Secure Server CA.
- Certificate Chain:
{html}
<br><span style="margin-left: 3em; line-height: 150%"><a href="https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=10&nav=0,1">AddTrust External CA Root</a> [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.pem">PEM</a>]</span>
<br><span style="margin-left: 5em; line-height: 150%">InCommon Server CA [<a href="https://www.incommon.org/cert/repository/InCommonServerCA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/InCommonServerCA.pem">PEM</a>]</span>
<br><span style="margin-left: 7em; line-height: 150%">End-Entity Certificate</span>
{html} |
- Intermediate CA Bundle for OV SSL/TLS Certificates
- Certification Practices Statement for OV SSL/TLS Certificates
- Certificate Profile for OV SSL/TLS Certificates
- Certificate Revocation List:
{html}http://crl.incommon.org/InCommonServerCA.crl{html} |
- Online Certificate Status Protocol:
{html}http://ocsp.incommon.org{html} |
To test the freshness of the CRL, type the following command:
$ curl -s http://crl.incommon.org/InCommonServerCA.crl | openssl crl -inform DER -noout -lastupdate -nextupdate
|
Extended Validation SSL/TLS Certificates
Extended Validation (EV) SSL/TLS Certificates became available on March 10, 2011.
- Certificate Chain:
{html}
<br><span style="margin-left: 3em; line-height: 150%"><a href="https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=10&nav=0,1">AddTrust External CA Root</a> [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.pem">PEM</a>]</span>
<br><span style="margin-left: 5em; line-height: 150%"><a href="https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=104&nav=0,1,22">COMODO Certification Authority</a> [<a href="https://www.incommon.org/cert/repository/COMODOAddTrustServerCA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/COMODOAddTrustServerCA.pem">PEM</a>]</span>
<br><span style="margin-left: 7em; line-height: 150%"><a href="https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=103&nav=0,1,22">COMODO Extended Validation Secure Server CA</a> [<a href="https://www.incommon.org/cert/repository/COMODOExtendedValidationSecureServerCA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/COMODOExtendedValidationSecureServerCA.pem">PEM</a>]</span>
<br><span style="margin-left: 9em; line-height: 150%">End-Entity Certificate</span>
{html} |
- Intermediate CA Bundle for EV SSL/TLS Certificates
- Certification Practices Statement for EV SSL/TLS Certificates
- Certificate Profile for EV SSL/TLS Certificates
- Certificate Revocation List:
{html}http://crl.comodoca.com{html} |
/COMODOExtendedValidationSecureServerCA.crl
- Online Certificate Status Protocol:
{html}http://ocsp.comodoca.com{html} |
IGTF Server Certificates
The intermediate CA known as the InCommon IGTF Server CA was deployed on July 7, 2014.
- Certificate Chain:
- AddTrust External CA Root
- COMODO RSA Certification Authority [DER]
- InCommon IGTF Server CA [DER]
- End-Entity Certificate
Client Certificates
Standard Assurance Client Certificates
The intermediate CA known as the InCommon Standard Assurance Client CA was deployed on March 10, 2011.
- Certificate Chain:
{html}
<br><span style="margin-left: 3em; line-height: 150%"><a href="https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=10&nav=0,1">AddTrust External CA Root</a> [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.pem">PEM</a>]</span>
<br><span style="margin-left: 5em; line-height: 150%"><a href="https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=114&nav=0,1">UTN-USERFirst-Client Authentication and Email</a> [<a href="https://www.incommon.org/cert/repository/UTNAddTrustClient_CA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/UTNAddTrustClient_CA.pem">PEM</a>]</span>
<br><span style="margin-left: 7em; line-height: 150%">InCommon Standard Assurance Client CA [<a href="https://www.incommon.org/cert/repository/InCommonStandardAssuranceClientCA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/InCommonStandardAssuranceClientCA.pem">PEM</a>]</span>
<br><span style="margin-left: 9em; line-height: 150%">End-Entity Certificate</span>
{html} |
- Intermediate CA Bundle for Standard Client Certificates
- Certification Practices Statement for Standard Client Certificates
- Certificate Profile for Standard Client Certificates
- Certificate Revocation List:
{html}http://crl.incommon.org/InCommonStandardAssuranceClientCA.crl{html} |
- Online Certificate Status Protocol:
{html}http://ocsp.incommon.org{html} |
Code-signing Certificates
The intermediate CA known as the InCommon Code Signing CA was deployed on June 30, 2011.
- Certificate Chain:
{html}
<br><span style="margin-left: 3em; line-height: 150%"><a href="https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=10&nav=0,1">AddTrust External CA Root</a> [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.pem">PEM</a>]</span>
<br><span style="margin-left: 5em; line-height: 150%"><a href="https://support.comodo.com/index.php?_m=downloads&_a=view&parentcategoryid=24&pcid=1&nav=0,1">UTN-USERFirst-Object</a> [<a href="https://www.incommon.org/cert/repository/UTN-USERFirst-Object.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/UTN-USERFirst-Object.pem">PEM</a>]</span>
<br><span style="margin-left: 7em; line-height: 150%">InCommon Code Signing CA [<a href="https://www.incommon.org/cert/repository/InCommonCodeSigningCA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/InCommonCodeSigningCA.pem">PEM</a>]</span>
<br><span style="margin-left: 9em; line-height: 150%">End-Entity Certificate</span>
{html} |
- Intermediate CA Bundle for Code-Signing Certificates
- Certification Practices Statement for Code-Signing Certificates
- Certificate Profile for Code-Signing Certificates
- Certificate Revocation List:
{html}http://crl.incommon.org/InCommonCodeSigningCA.crl{html} |
- Online Certificate Status Protocol:
{html}http://ocsp.incommon.org{html} |