Overview:

The University of Rhode Island has partnered with InCommon Federation which allows the University to obtain digital certificates at an affordable annual fee. The cost is completely covered by Information Technology Services as certificates are deployed as part of our enterprise license agreement with InCommon. There is no charge to the University community who request digital certificates for the purposes of securing Internet traffic. The InCommon license entitles the University to an unlimited number of electronic certificates for all URI domains and servers.

Secure Sockets Layer (SSL) is a security protocol used to provide two-way encryption for unencrypted protocols like HTTP & FTP. SSL certificates also provide a way for clients to validate that the server or domain they are connecting to is authentic. The certificates are certified to work with all mainstream operating systems and web browsers.

Requests:

Certificate requests can be sent to security@uri.edu with attached Certificate Signing Requests (CSR) generated with a key length of at least 2048 bits. ITS/Information Security staff may ask for validation of any request for service or record creation under this system. Validation would normally be by telephone to a department supervisor.

You must include:

  • Server name
  • Web server platform and version (e.g., Apache/Mod SSL, MS IIS)
  • Name, address, email address, and phone number of the responsible person
  • Appropriate CSR
  • Certificate characteristics (e.g., duration typically one, two, or three years)

When filling out Certificate Information, you must specify:

  • Organization: University of Rhode Island
  • City/locality: Kingston
  • State/province: Rhode Island
    • You must write out “Rhode Island” because “RI” is not recognized as a state
  • Country: US

If your host name or website has multiple DNS entries, a separate certificate for each is not necessary.  Please include Subject Alternative Names (SAN) in your CSR and note its use in your request.

Wildcard Certificates:

In an effort to reduce university risk, the Information Security Office will not issue wildcard certificates for any production sub-domains.

NOTE: Most requests are processed within 24 – 48 hours.  In some cases, it can take up to 72 hours for new requests to be fulfilled.  Please plan accordingly.

Help:

InCommon Certificate Service Support

InCommon Information Repository