Last updated: 
3 weeks 6 days ago
Group Manager
Welcome to the Jisc Certificate Service group. The service offers a number of different X509 SSL certificates, including Extended Validation certificates that give users the highest possible assurance, as well as S/MIME email certificates for digitally signing emails. Jisc has an agreement with the Certificate Authority, QuoVadis who is the provider of the certificates. The service has been running since 2006 and has issued many thousands of certificates to organisations in UK research and education. This is a Community group where users can obtain relevant information, receive service updates and provide feedback.

Certificate types

24 January 2017 at 2:06pm

The following certificates can be obtained through the Jisc Certificate Service's web app, found in the App Centre here:

The service provides Extended Validation (EV) server certificates S/MIME end user for digitally signing emails for high, both of which offer users the highest possible assurance. Business/Organisation Validated (OV) and Wildcard (of OV type) certificates are also available.

-----

All certificates issued are SHA-256.

-----

1. QuoVadis Extended Validation (EV) SSL certificate - recommended by Jisc for high profile web services

  • Provides the highest level of assurance for end users by turning the address bar green;
  • Populates the 'O' and 'OU' fields in the certificate;
  • Can be used to secure Fully Qualified Domain Names (FQDNs);
  • Provides a high-level protection of 128/256 bit encryption;
  • Can be used for financial transactions;
  • Cannot be obtained for schools;
  • Issue time: up to 1 working day, average time 1 hour;
  • Issuancess ratified by the CA/Browser Forum's Baseline Requirements, see their website here for guideline details;

2. QuoVadis S/MIME end user certificate

  • Can be used to send digitally signed emails;
  • Helps to reduce chances of users falling foul to phishing scams by giving recipients assurances that the email originated from the sender's account;
  • Is installed on the end user's email client;
  • Can be used to exchange encrypted emails between S/MIME users;
  • Can be used to digitally sign documents, such as Microsoft Office and Open Office documents, according to BEIS guidelines on Advanced Electronic Signatures;
  • Can be obtained for schools;
  • Issue time: Once the order has been submitted, to download the certificate requires the user for whom the certificate is for, or an administrator, to follow instructions provided in two emails from the Certicficate Aiuthroity, QuoVadis CA.;

3. QuoVadis Business/Organisation SSL certificate - Organisation Validated (OV)

  • Can be used to secure Fully Qualified Domain Names (FQDNs);
  • Populates the 'O' and 'OU' fields in the certificate;
  • Validates the organisation is legally registered and is the owner of domain(s) being secured;
  • Provides a high-level protection of 128/256 bit encryption;
  • Can be used for financial transactions;
  • Can be used as a Unified Communications Certificate for some Microsoft applications;
  • Can be obtained for schools;
  • Issue time: up to 1 working day, average time 15 minutes;

4. QuoVadis Wildcard certificate - Organisation Validated type

  • The main use for this type of certificate is to support the deployment of EZProxy servers;
  • Wildcard certificates are available at the sub-domain level and at the top level of the domain (although caution must be exercised);
  • Populates the 'O' and 'OU' fields in the certificate;
  • Up to 9 Subject Alternative Names supported;
  • Cannot be obtained for schools.

For further information about the service and how you obtain each of the above mentioned SSL certificates, please visit the Library pages on this website here.