|
|
|
|
|
|
Web Server Certificates available at QUT |
||||||||||
Certificates at QUT FAQIf you are unsure about web server certificates and their use read the FAQ.The QUT Certificate AuthorityIf you need to run a web server that supports the https protocol (i.e. it uses SSL) you will require a Server Certificate signed by a Certificate Authority so that your server's identity can be verified by your clients' browsers.The Division of Technology, Information and Learning Support at QUT has set up a local Certificate Authority that will sign web server certificates for QUT servers. You can request that your server certificate be signed by the QUT CA. You should use these certificates if you site is only accessible from within the QUT network. This service is currently provided by IT Services at no cost to clients who provide web services that comply with the QUT IT Rules and Conditions of Use Policy. QUT Certificate Authority certificateQUT is replacing the old QUT Certificate Authority certificate which expired in October 2006. A new Certificate Authority certificate is available below and this new certificate is valid until 2015.Because of the way certificates operate, both the old and the new certificates are required to be present in web browsers until October 2007. The old certificate for the QUT Certificate Authority should already be installed in your browser if you use the QUT SOE. The new certificate has been distributed to all centrally controlled SOE computers. If you do not use a SOE image then you will need to import both the old and the new certificates if you will be using a web browser prior to October 2007. If you have installed a new web browser then you will need to import both the old and the new certificates below. If you are using a QUT Standard Operating Environment computer, you should only need the new certificate. Download the QUT CA certificate into your browser External Web Server CertificatesIf you require that the site be available externally and use the https protocol you can obtain a 128bit Web Server Certificate signed by an external provider. These certificates cost $460 each. Please read the instructions and conditions when you request a new certificate via the link below.In March 2007, Verisign changed the Certificate Authority (CA) that signs their certificates. If you use Microsoft IIS, the new certificates will work without any change. For other web server software an extra step is required. Instructions are available at http://www.verisign.com/support/verisign-intermediate-ca/secure-site-intermediate/index.html
Online Certificate Request SystemClick on the following links to access different functions of the Online Certificate Request system. Request New/Renew certificate.
Generating Certificate Signing RequestsGenerating Certificate Signing Requests (CSR's) is dependent on the type of Web server that you use. For Microsoft's Internet Information Server (IIS), please refer to the documentation. For Apache, please refer to the documentation for OpenSSL. OpenSSL usually provides the encryption layer for Apache.Some Web sites that may be useful in helping to generate key pairs and CSR files for Apache and Microsoft IIS.
|
.
