Certificate Services
OCIS and DoIT offer GeoTrust server SSL and code signing certificates for purchase from the Tech Store for those applications that require commercial certificates. In addition, DoIT offers multi-purpose UW-Madison-issued user certificates for signing and encrypting email, as well as other certificate uses such as certificate authentication.
Thawte certificates that we issued prior to June, 2006 will continue to work and customers can replace them with new GeoTrust certificates, as the old certificate expiration date approaches.
OCIS can only make certificates for servers under the wisc.edu, wisconsin.edu, burningplasma.org, and uwsa.edu domain names. Certificates for domains not on the list can be purchased directly from GeoTrust or another commercial certificate authority.
SSL Certificate Ordering Information
Both 1 and 2 year GeoTrust server certificates can be purchased at the DoIT Tech Store. New certificate requests and renewals of existing certificates are the same price. If you are interested in GeoTrust "wild card" certificates or "code signing" certificates, please contact OCIS for a quote. Please note that the wild card certificates are priced by the number of servers that the certificate will be installed as well as the length of validity, e.g. 1 or 2 years. In general, it takes a larger number of domains hosted on the a few servers to reach the break even point vs. individual certificates. All GeoTrust server certificates are delivered via email originating from GeoTrust (geotrust.com) Please make sure to set any spam filters as appropriate.
Steps for Ordering
Step One: Purchase the needed certificate from
the TechStore
Step Two: Complete the certificate signing request form.
FAQ
Can I use one certificate for multiple virtual host names?
In general, you will need one certificate for each virtual host name that you want to offer ssl services.
Can I have a wildcard certificate, e.g.*.doit.wisc.edu, issued for a group of hosts?
Yes, please contact OCIS for a quote and procedure. Please note that the wild card certificates are priced by the number of servers that the certificate will be installed as well as the length of validity, e.g. 1 or 2 years. In general, it takes a larger number of domains hosted on the a few servers to reach the break even point vs. individual certificates.
Can I change certificate details, e.g. common name, of an existing certificate?
After seven days of the certificate being generated, no certificate details may be changed. Thus, if you change the dns name of the server where the certificate is installed after seven days, you will need to make a new certificate purchase and submit a new CSR.
What happens if I lose my private key, e.g. forget a password, corresponding to my certificate?
After seven days of the certificate being generated, you will need to purchase a new certificate and submit a new CSR.
What happens if I did not receive the certificate via email or accidentally deleted it?
You can contact us to have the certificate re-sent.
How soon can I renew an existing GeoTrust server certificate?
You can renew a certificate up to 90 days in advance of the certificate expiring. Please note that you will not lose any validly time when you renew.
Can I have an extended validation (EV) server certificate?
Yes. EV certificates are available in our GeoTrust program but must be ordered manually. Please contact OCIS for a quote and procedure.
When are renewal notices sent?
Renewal notices are sent at 90, 30, 14, and 7 days out from expiration.
Please contact OCIS for more information