it.ucsf.edu

InCommon - How to Request a Certificate

Installing a server certificate does not mean that your server is secure. It allows the client to establish a secure connection to the server. Therefore, before contacting IT to request a web server certificate you will need to harden your server.

1. Generate a key and a 2048 bit Certificate Signing Request (CSR).

  • Refer to your products documentation on how to perform these steps; or
  • Comodo's Knowledgebase on CSR creation.

2. Create/Submit a Service Now Ticket.

A. Connect to the UCSF Information Technology Help and click on ITS Security.

B. You may be required to log-in using your UCSF MyAccess Account.

C. Click on SSL Certificate Request.

D. A General Request window will open, auto-populating the requester information. You will be required to complete the following fields:

1. Type of certificate:SSL, Multi-Domain, etc..

2. Email: contact email (e-mail address to receive notices regarding certificate)

3. Web Server Software and/or Device: if known, please specify the system the certificate is for

4. Primary Function: please give a brief description of what the certificate will be used for (e.g. web server, file server, application authentication server, etc.)

5. Server IP: the IP/network address of the server

6. DNS:Domain Name System

7. Names: list any fully qualified domain names that need to be included in the certificate (This filed populates only when you select Multi-Domain SSL)

8. Certificate Signing Request (CSR):Paste a copy of the Certificate Signing Request (CSR)

9. Click on Order Now

 

3. The information will be submitted to IT Security for processing.

A. IT Security will run a vulnerability scan on the server and provide you with the results.