This is a list of frequently asked questions (FAQ) about the InCommon Certificate Service. See the excellent CA/Browser Forum FAQ for answers to more general questions.
|Table of Contents|
What is the InCommon Certificate Service?
Can I have my own private label CA?
Yes, private label CAs for user certificates are available under our agreement with Comodo. Intermediate CAs hosted are hosted by Comodo, but with campus-specific names, profiles, and practice statements , are (if desired). They are available to members subscribers who desire this functionality for an additional cost. The fees for this service are $3500 for the first year and $2400 in subsequent years.
InCommon does not offer intermediate CAs hosted by members or third parties other than Comodo.
In either case, if certificate validation succeeds, you know your server is configured correctly. Let's try a specific example:
$ openssl s_client -connect www.incommon.org:443 -CAfile AddTrustExternalCARoot.crt --- Certificate chain 0 s:/C=US/postalCode=48104/ST=MI/L=Ann Arbor/street=1000 Oakbrook Drive, suite 300/O=InCommon CA/OU=PlatinumSSL/CN=www.incommon.org i:/C=US/O=Internet2/OU=InCommon/CN=InCommon Server CA 1 s:/C=US/O=Internet2/OU=InCommon/CN=InCommon Server CA i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root 2 s:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root ---