Download as PDFDownload as PDF
PMCs can edit other PMCs: 
Prevent PMCs Creating MCs: 
Group visibility: 
Public

Certificate Service

Rating:
0
Your rating: None
3.62069
Average: 3.6 (29 votes)
Publisher:
Janet
Launch App
You need to log in to the site to use this app. You can do this at the top of the page.

The Certificate Service app enables you to obtain SSL server certificates. The service provides a host of different types of certificate solutions, each meeting a different set of requirements.

 
 
 
 

The cert service is frustrating - it logs me out continuously in chrome and buttons are chopped off in IE making it impossible to use.

The emailing has changed such that the end recipients for certs get told they can download a certificate even though they have no access. The new service really is a retrograde step, to the point I'm wondering whether we'll continue using it.

Hi Alex,

Thank you for taking the time to provide feedback on the new service. I'm sorry to hear about the problem in Chrome, something we were not aware of. We're currently working on fixing issues with IE and expect it to be resolved shortly.

Based on early user testing it was requested that the email to which the expiring reminder was sent should be copied in on the 'certificate is available to download' email, however based on further customer feedback this is being reversed and emails will stop being sent to the Expiry Reminder address from later this week.

I hope the other changes we've made to the service, such as the better and quicker validation process for higher assurance certificates (Organisation and Extended validation) and the ability to add additional SANs outside of the CSR, have improved the service for you.

I quite agree - the certificate service is slow and frustrating to use. It takes a large number of mouse clicks to obtain a certificate, and the layout is very poor - you have to scroll down or sideways to see some of content. Nearly all our certificates require exactly the same information to be entered, so it should be possible to enter defaults for everything and just enter the CSR.

Adrian Barker,

UCL.

Hi Adrian,

Thanks for your feedback. With the launch of the new Certificate Service we are experiencing a few teething problems which we are busy working on to correct, including the responsiveness which you should see an improvement to shortly.

I have taken on board your feedback regarding creating a function to set up certificate requests which default to a chosen type, duration and server software, which we will look at at the next service review.

While this application itself is genuinely useful, there are a few areas where it could be improved.

Firstly, an option to renew certificates would be incredibly useful.  Having to request new ones a month before the existing ones expire is mildly frustrating.

Secondly, having a filter to only show valid certificates would be useful.  When checking to see what needs renewed soon, I don't need to see certificates that expired 3 years ago or were rejected due to an invalid CSR.

Finally, and I suspect this isn't an issue with the application itself, but when buying OV certificates having to verify my organisation every single time just annoys our reception staff with automated phone calls.  Surely once should be enough?   Edit: apparently this is no longer necessary.

Otherwise an incredibly useful application, and much cheaper than having to go to commercial providers!

Great app but would it be possible to make it even more useful and save us maintiaining additional information separately by including:

  1. a notes field where we can add additinal information about the system the cert is required for
  2. a system-wide addtional email address that expiration alerts are send to (in addtion to the cert requester)

Thanks

Hiren

Love the service itself - the price is great.

1. I do find the unwillingness to offer a first level domain for your own domain name a bit frustrating - I understand the reasons behind this - but yes if you really want us to use NAT where possible this is unavoidable.   Most of the time these certs sit on one firewall.

2. The other thing - is it can still be very frustrating waiting for someone somewhere to click the button to release a certificate. Taking point 1) into consideration it's surprising how easy it is to get caught out without a certificate and then having to wait an indeterminate number of hours for a result.  On the new modern default secure internet - this results in service outage.  Comodo were a nuisance, but they'd always release if you phoned direct.

You need to be logged in to review this app. You can follow the "Login" button at the top of the page to log in, or "Register" to create a new account.