SSL Certification Overview
Cal Poly Standardized Process for Obtaining SSL Certificates
InCommon SSL Certificates are the standard certificates used at CalPoly since January 10,2011. Thawte SSL Certificates are still available at cost to the department requesting them.
For pricing information please see the SSL Certificate Cost Model.
Cal Poly is participating in the InCommon Certificate Service, which allows administrators in campus departments to request digital/SSL certificates used for such purposes as securing web servers run on behalf of your department. Such web servers present digital certificates to certify to visitors that the name of the web server legitimately belongs to the calpoly.edu web domain.
Through the InCommon Certificate Service, Cal Poly is entitled to issue unlimited digital certificates through Comodo, a well-established commercial Certificate Authority. The California State University Office of the Chancellor is sponsoring the fees and ongoing support for this program for the entire CSU system. The InCommon Certificate Service will be managed at Cal Poly by ITS.
This agreement provides numerous benefits to the campus, as outlined below. The process for obtaining certificates under this agreement is summarized below and detailed on the Step-by-Step tab of this website. Further details are available by contacting ITS Operations.
Need for SSL Certificates
Many systems on campus receive or transmit sensitive data through the network. For example, a web server may provide confidential student information to authorized users or accept entry of a credit card number. SSL provides specific protections for this information as it is transported over the network. First, SSL provides encryption of data so that those who are not involved in the transaction cannot view or modify the network traffic. Second, SSL provides server authentication, meaning that a user is able to verify that they are conducting a transaction with a server controlled by Cal Poly.
SSL requires that the server have a certificate. In order to provide both encryption and server authentication these certificates must be provided by a well known Certificate Authority. This Certificate Authority establishes that a service name (e.g. my.calpoly.edu) is in fact associated with an organization (e.g. Cal Poly San Luis Obispo).
Thus, SSL is a required measure to protect the confidentiality and integrity of University information as it is sent over the network (unless other equivalent measures are used), and it is necessary to use a certificate issued by a well known Certificate Authority. The centralized purchase process meets these requirements, and offers additional benefits.
Obtaining Certificates – Overview
ITS will approved SSL Certificates for authorized requestors. Below is the basic protocol for obtaining SSL Certificates for your department server(s).
- Generate a CSR (Certificate Signing Request) for the server that will use the certificate.
- Visit the Certificate Manager End User URL and select “Certificate enrollment”
- Enter details for the certificate
- OPS will approve the certificate if the above information requirements are met.
For more information, contact ITS Operations or review the Supporting Documentation available below.
SSL Certification Supporting Documentation
Feel free to contact us directly by phone or via email for SSL Certificate inquiries.