How to Request an SSL Certificate

Overview

To order a new digital (SSL/X.509) certificate, or renew, replace, or revoke an existing certificate, please fill out a service request via the IT Request ticket system. There is no charge for certificates ordered through this service.

NOTE1: Certificates obtained outside of the ITS Certificate Service may be forwarded to the ITS Certificate Team for review and exception processing.

NOTE2: Web Server Names must be approved by Public Affairs and granted via ITS Domain Name System (DNS) service request before digital certificates are requested.
| Policy on the Establishment of Web Server Names in UCSC Domain | UCSC DNS & DHCP Service Requests | Check if a cname is available in UCSC DNS (login required) |


Filling out the Request Form

Within the service request, you will be prompted for the following information:  

  • Administrative and Technical Points of Contact
  • Action to be performed: new, renew, replace or revoke
  • Priority: urgent, high, moderate, low, planning
  • IS-3 Classification: restricted, confidential, other 
  • IS-12 Classification: (PDF) essential, necessary, deferrable 
  • Division or Department (select from drop-down list, choose "Other" if your division/department is not listed) 
  • Certificate Type (select from drop-down list; please ensure compatibility before selecting) 
  • Certificate Term: If new, renew or replace, select 1, 2 or 3 years (1 year max for systems with restricted data)
  • Server Software (where the certificate will be installed)
  • Date Needed
  • Server Name (Common Name/Domain Name) where the certificate will be installed
  • Copy and paste the CSR into the ticket

If you do not know any of the above information or do not know how to generate a Certificate Signing Request (CSR), you can leave the field(s) blank, but please be sure to select the Division/Department so that we can assign the ticket to the correct Department Registration Authority Officer (DRAO), who will contact you to finalize completion of the request.


Department Registration Authority Officers (DRAO)

The InCommon Certificate Service allows for delegated administration of certificate requests and approvals. The following divisions and departments have authorized Department Registration Authority Officers (DRAOs) who will support the certificate needs for their assigned division and/or department:

  • Arts 
  • Business and Administrative Services (BAS)
  • Engineering and Center for Biomolecular Science & Engineering
  • Humanities 
  • ITS (including academic and administrative systems) 
  • Library 
  • Physical & Biological Sciences 
  • Social Sciences 
  • UCO Lick 
  • University Extension

If a DRAO has not been identified for your division or department, you may submit a DRAO nomination for your division/department via IT request ticket (select "Web Services" > "SSL Certificates"). Please include the employee name, email address, and the division/department they will represent. Approval processing may take two business weeks.


Policy Exceptions

The use of digital certificates at UCSC is governed by UCSC's Digital Certificate Policy. Uses of digital certificates that do not comply with Sections II and VI of this policy must be approved by the campus Information Security Officer (ISO). The ISO may require additional review in order to evaluate requests and/or may require implementation of compensating controls.


Get Help

If you are having problems with a certificate and need assistance: