This site requires JavaScript to be enabled
811 views

3.0 - Updated on 2022-06-10 by Brandon Bauer

2.0 - Updated on 2021-06-08 by Paul Drake

1.0 - Authored on 2017-04-28 by Jason Williams

Purpose and Scope

The purpose of this standard is to define how SSL certificates are to be used to confirm identity, secure communications between devices, and ensure the integrity of transmissions for Information Technology (IT) services provided by the Office of Information Technologies (OIT) or other departments at the University of Notre Dame.  This standard applies to all certificates that run on or affect production services. Use of this standard on Development and Test systems is strongly encouraged.

SSL Certificate Usage

All SSL certificates are to be 2048-bit or greater except for those being used for educational applications in computer labs that are NOT customer facing applications. The following individuals are authorized to provide SSL certificates for customer facing applications:

Self-signed SSL certificates can also be used in the following situations:

SSL Certificate Management

The departmental IT director must select the certificate manager for his/her department. Each department must have a minimum of two certificate managers.

The departmental IT director must send email to infosec@nd.edu when a certificate manager leaves the University, moves to a new job within the University, or no longer is the appointed certificate manager for his/her department.

If you are in one of the following departments, you can request a new SSL certificate from your departmental IT support staff:

If you are not in one of the departments listed above and need to request an SSL certificate, you can do so by filling out an SSL request form.

You can find certificate reports for your team on the "My ServiceNOw" dashboard under the "My Teams Certs" tab.  Other helpful reports can be found by searching for "cert" under "All" reports in ServiceNow.

Definitions

Certificate Authority

An entity that issues digital certificates.

Certificate Manager

An individual assigned by a departmental IT director to manage the SSL certificates within that department. A certificate manager will be able to create, renew, revoke and replace SSL certificates for domains assigned to their department.

Customer Facing

Any application that provides services to the campus community and/or the world.

Educational Purposes

Having to do with, or pertaining to, a computer lab environment configured for the education of students.

SSL (Secure Socket Layer) Certificate

A digital certificate used to verify the identity of a website, provide for secure communication between devices, and ensure the integrity of the data being sent.

Self-Signed SSL Certificate

An SSL certificate not provided by a third-party certificate authority (e.g., Verisign, GeoTrust, Comodo, etc.).