Versions Compared

Old Version 31

changes.mady.by.user Paul Caskey (internet2.edu)

Saved on

compared with

New Version 34

changes.mady.by.user Dean Woodbeck (internet2.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Tip
titleInCommon Certificate Service SSO and MFA Available

The use of single sign-on and multifactor authentication for accessing the Comodo Certificate Manager is available to any subscriber that also operates an Identity Provider in the InCommon Federation. See this wiki page for details.

This is a list of frequently asked questions (FAQ) about the InCommon Certificate Service. See the excellent CA/Browser Forum FAQ for answers to more general questions.

...

  1. SSL/TLS Certificates
    1. Organizational Validation (OV) SSL/TLS Certificates
      • includes wild-card certificates
    2. Extended Validation (EV) SSL/TLS Certificates
      • issued directly by Comodo and subject to Comodo's domain vetting processes, terms and conditions, and CPS, but at no extra charge beyond the base InCommon certificate service fee
  2. Client Certificates
    1. Standard Assurance Client Certificates
      • three key usage types: signing-only, encryption-only, and dual-use
      • a centralized key escrow service is available at no extra charge
    2. Code-signing Certificates
    3. not yet available

Are there 1024-bit certificates? What about my current 1024-bit certs?

For security reasons, we no longer issue certificates with 1024-bit keys. Comodo will no longer accept Certificate Signing Requests generated with keys of less than 2048 bits. Existing 1024-key certificates may be used until they expire (but at your own risk of course).

Can I have my Can I have my own private label CA?

Yes, private label CAs for user certificates are available under our agreement with Comodo. Intermediate CAs are hosted by Comodo, but with campus-specific names, profiles, and practice statements (if desired).  They are available to subscribers who desire this functionality for an additional cost.  The fees for this service are $3500 for the first year and $2400 in subsequent years.

...

This functionality is anticipated for a later release of the program based upon demand from the InCommon community. Our agreement with Comodo allows for cross-signing of other CAs at an additional cost.

Can I use single sign-on to access the Comodo Certificate Manager?

Yes, if your organization has an identity provider in the InCommon Federation (you can check here), then your RAO can use SSO. Multifactor Authentication is required for use of SSO.

Questions about SSL/TLS Certificates

...