This is a list of frequently asked questions (FAQ) about the InCommon Certificate Service. See the excellent CA/Browser Forum FAQ for answers to more general questions.
| Table of Contents |
|---|
General Questions
What is the InCommon Certificate Service?
...
Yes, private label CAs are available under our agreement with Comodo. Intermediate CAs hosted by Comodo, but with campus-specific profiles and practice statements, are available to members who desire this functionality for an additional cost. The fees for this service are $3500 for the first year and $2400 in subsequent years.
InCommon does not offer intermediate CAs hosted by members or third parties other than Comodo.
...
In either case, if certificate validation succeeds, you know your server is configured correctly. Let's try a specific example:
| Code Block |
|---|
$ openssl s_client -connect www.incommon.org:443 -CAfile AddTrustExternalCARoot.crt
---
Certificate chain
0 s:/C=US/postalCode=48104/ST=MI/L=Ann Arbor/street=1000 Oakbrook Drive, suite 300/O=InCommon CA/OU=PlatinumSSL/CN=www.incommon.org
i:/C=US/O=Internet2/OU=InCommon/CN=InCommon Server CA
1 s:/C=US/O=Internet2/OU=InCommon/CN=InCommon Server CA
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
2 s:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
---
|
...