Secure Sockets Layer (SSL) is a security protocol that provides an encrypted Internet connection. An SSL certificate is proof from an independent third party that your website belongs to the organization it says it does and that your users will be transmitting information via an encrypted connection. You should use an SSL certificate to protect any website or service that handles sensitive data such as login credentials.
Certificates can also be used to sign documents electronically or to sign code for distribution.
OSU is now registered for the InCommon Certificate service. With this membership, OSU has unlimited access to SSL certificates at no additional cost to individual service providers. All OSU-owned domains are covered. The following certificate types are available: web server SSL certificates, extended validation certificates, code signing certificates, wildcard certificates and SAN certificates. The certificate authority (CA) is Comodo, an industry-standard CA trusted by most clients.
To obtain a certificate through InCommon, please complete the InCommon SSL Certificate Request Form.
Thawte - To request or renew a Thawte certificate, please use the form below. However, please be aware that OSU now has access to free certificates from InCommon (see above).
Windows Servers - All domain-joined Windows servers in the Oregonstate AD forest can make use of AD SSL certificates at no cost. The certificates will automatically be trusted by AD-joined client machines at OSU. To request a Windows certificate, please email ServerSupport@oregonstate.edu.
Other CAs: You may request an SSL certificate from another Certificate Authority and the request will typically be forwarded to the WHOIS contact for the domain name of the host.
IPSCA - You may also request an SSL certificate from IPSCA, a certificate authority that provides free 2 year SSL certificates to EDU customers. Please Note: we have experienced some support issues with IPSCA and are no longer recommending this service.
IPSCA certificates should work with all major browsers but we do not have a lot of experience with this vendor yet, so use at your own risk. These certificates are ideal for systems with limited use that you might currently be securing with a self-signed certificate.
The following steps should be followed by the system administrator of the server that the SSL certificate will be hosted on.
Once we have reviewed your request, you will receive an email back from us indicating that you can proceed with the renewal or acquisition.