University of Colorado at Boulder  
Map A to Z Index Search CU Home
ITS logo
Information Technology Services News | ITS Search

IT Security Information - SSL Certificates for Secured Web Servers
 

Overview

Administrators who require SSL certificates to secure web services are encouraged to purchase a SSL server certificate signed by a well-known public Certification Authority.  ITS currently uses VeriSign.  Others include ipsCA, Thawte and DST.  

ITS does not act as a clearing-house of SSL certificates for the campus and does not have bulk or site licensing agreements with SSL vendors. The cost of managing such a program would exceed any quantity discount available.

VeriSign Secure Site Services

Before contacting VeriSign you should review the VeriSign Enrollment Guide.  

VeriSign offers several products. You will want to choose the "Secure Site Services" If asked to purchase or use the "On-Site Service Secure Server  Enrollment for University of Colorado at Boulder for Information Technology Services" select "no."

Before VeriSign can issue your Secure Server ID, they need to verify that you have the legal right to conduct business under the name you specify in your enrollment request. In many cases, they can verify this Proof of Organization using the full, legal name of your company or organization and the Dun and Bradstreet number (D-U-N-S number).  Use "University of Colorado at Boulder" for the full legal name and "00-743-1505" as the D-U-N-S number.  So long as your application is for a server on the Colorado.EDU domain this information should allow you to proceed and purchase the certificate.

Keep a copy of the order for your records.  SSL certificates require renewal after one or two years depending on the contract.  Be sure to provide Verisign with good contact information for your department so that Verisign will be able to contact you prior to the expiration of your certificate.

Self-signed Certificates

ITS does not recommend the use of self-signed certificates for production user systems. The secure use of self-signed certificates requires that you or your users configure the browser to trust your certificate.

This approach may also risk conditioning your users to trust certificates that are not valid and potentially dangerous.  In the long-run the cost of a commercial certificate will be far less.

Test Certificates

If you require a certificate for testing or development consider a "test" certificate from Thawte or VeriSign.

Learn More

 

Contact Information
Campus IT Security Office
(303) 735-HELP
security@colorado.edu		  

IT Security Overview
Info for Faculty & Staff
Info for Students
Minimum Security Implementation Guidelines for CSRs & System Admins
File a Security Report
I'm infected, now what?
Encrypted Authentication
CUantivirus
"Ask Security" Form

 

 
       
       Support | Training | Facilities | About ITS | ITS Home
 

Last reviewed: March 13, 2008

IT Service Center: 303-735-4357 (5-HELP), help@colorado.edu, Location and Hours of Operation
Computer Support Representative (CSR) look-up tool

itsfeedback@colorado.edu  | Policies | Privacy
© 2000 The Regents of the University of Colorado