The use of single sign-on and multifactor authentication for accessing the Comodo Certificate Manager is available to any subscriber that also operates an Identity Provider in the InCommon Federation. See this wiki page for details.

InCommon Certificate Types

This page includes links to technical documents and service endpoints for each of the certificate types issued by the InCommon Certificate Service.

Contents:

SSL/TLS Certificates

SHA-2 Server Certificates

The intermediate CA known as the "InCommon RSA Server CA 2", which uses the SHA-2 hash algorithm, was deployed on November 1, 2023.


To test the freshness of the CRL, type the following command:

$ curl -s http://crl.sectigo.com/InCommonServerCA2.crl | openssl crl -inform DER -noout -lastupdate -nextupdate

Extended Validation SSL/TLS Certificates

Extended Validation (EV) SSL/TLS Certificates became available on March 10, 2011.

IGTF Server Certificates

InCommon offers IGTF server certificates for use by subscribers who are also active with the IGTF grid community. Note: Unless you are running a server as part of the IGTF grid (see the IGTF website) these certificates are NOT what you need. Request a normal InCommon server certificate instead.

The intermediate CA known as the InCommon RSA IGTF Server CA 3 was deployed on July 17, 2023.

Client Certificates

SHA-2 Standard Assurance Client Certificates

The intermediate CA known as the InCommon RSA Standard Assurance Client CA was deployed on September 18, 2014.

<br><span style="margin-left: 3em; line-height: 150%">AddTrust External CA Root [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/AddTrustExternalCARoot.pem">PEM</a>]</span>

<br><span style="margin-left: 5em; line-height: 150%">USERTrust RSA Certification Authority [<a href="https://www.incommon.org/cert/repository/USERTrustRSAClient_CA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/USERTrustRSAClient_CA.pem">PEM</a>]</span>

<br><span style="margin-left: 7em; line-height: 150%">InCommon RSA Standard Assurance Client CA [<a href="https://www.incommon.org/cert/repository/InCommonRSAStandardAssuranceClientCA.txt">Text</a>] [<a href="https://www.incommon.org/cert/repository/InCommonRSAStandardAssuranceClientCA.pem">PEM</a>]</span>

<br><span style="margin-left: 9em; line-height: 150%">End-Entity Certificate</span>


SHA-1 Standard Assurance Client Certificates (deprecated)

The intermediate CA known as the InCommon Standard Assurance Client CA was deployed on March 10, 2011.

Code-signing Certificates

The intermediate CA known as the InCommon RSA Code Signing CA (SHA-2) was deployed on September 19, 2014.


The intermediate CA known as the InCommon Code Signing CA (SHA-1) was deployed on June 30, 2011.

The following information is common to both the SHA-1 and SHA-2 InCommon intermediate CAs: