Last updated: 
4 months 1 week ago
Group Manager

Welcome to the Jisc Certificate Service group.

The service offers a number of different X509 SSL certificates, including Extended Validation certificates that give users the highest possible assurance, as well as S/MIME email certificates for digitally signing emails. Jisc has an agreement with the Certificate Authority, QuoVadis who is the provider of the certificates.

The service has been running since 2006 and has issued many thousands of certificates to organisations in UK research and education.

This is a Community group where users can obtain relevant information, receive service updates and provide feedback.



Q1) What is the change?

From 1 August, new industry regulation states that Certificate Authorities (CAs) must no longer rely on checking a public WHOIS record to validate domain ownership. Instead, customers requesting a certificate must demonstrate a ‘positive interaction’ to show they have control over/ownership of the domain to be used in a certificate.


Change to Certificate Service – from 1st March 2018

Q1) What is the change in the maximum duration of certificates?

    A) The maximum duration will be limited to 2 years, currently this is 3 years.

Q2) What certificates are affected?

    A) Only medium assurance Organisation Validated (OV) certificates. High assurance Extended Validation (EV) and Wildcard  certificates are already limited to 2 years.

Q3) Who is driving this change?


We're pleased to announce that from today the service can provide end user certificates, which are used for digitally signing and encrypting emails. These are called S/MIME (Secure/Multipurpose Internet Mail Extensions) certificates.

S/MIME are installed on email clients which then enable the end user to send digitally signed emails, giving recipients assurances that the email originated from the sender's account. By signing emails, recipients can also have confidence that the contents of the email has been been altered in transit.


The change to the number of credits required for certificates with 5 or more domains takes effect from 5 September 2017. The cost of Mixed certificate credit bundles will remain unchanged.

The only changes are as follows:


The following certificates can be obtained through the Jisc Certificate Service's web app, found in the App Centre here:

The service provides Extended Validation (EV) server certificates S/MIME end user for digitally signing emails for high, both of which offer users the highest possible assurance. Business/Organisation Validated (OV) and Wildcard (of OV type) certificates are also available.


All certificates issued are SHA-256.



For all FAQs please click on the header link 'Charging FAQs'

Jisc Certificate Service – charging update 24.04.2013 - 10 new points:

1. Why is the date for charging being moved?


To apply for membership of the Jisc Certificate Service, please download, complete and sign the application form. It must be signed by someone with the appropriate level of authority to sign on behalf of your organisation. The completed form can be scanned and emailed (to, faxed (0300 300 2213) or posted back to Jisc, Lumen House, Library Avenue, Harwell Campus, Didcot, OX11 0SG


Availability of SHA-256 certificates: 14 October 2014
We’re pleased to announce an agreement has been reached between TERENA and Comodo which will enable customers to obtain SHA-256 certificates. This is available with immediate effect and all certificates obtained from the service will be by default SHA-256.

Prev | Next