SSL Certificate

Overview

This service allows UFV Staff to request an SSL certificate to enable securely encrypted HTTPS traffic to their UFV website, blog or online service. In order to request this service you will need to first generate a Certificate Signing Request or CSR using OpenSSL or another tool bundled with your web server. Once submitted this will allow us to generate an SSL certificate with our certificate authority on your behalf. You will also need to know what type of web server the service is running on (Apache, IIS, Tomcat, etc.) in order for us to determine what type of certificate file to supply you. Once completed the certificate will be sent to you for you to deploy.

Only services accessible from outside UFV or production systems should receive a standard SSL certificate. Systems that require the user be on campus, have access via a remote connection method such as Windows Remote Desktop (RDP) or a Virtual Private Network or systems used for testing, development or research should instead make use of a wildcard certificate. Generating and deploying these wildcard certificates should be done using the same methods as a standard certificate but instead using the common name of *.ufv.ca rather than the subdomain of the service. Although a wildcard certificate can be used on more than one service on more the one subdomain this should not be done. Please generate a unique CSR with a unique private key for each wildcard certificate you plan to deploy. All wildcards are minted with the same expiry date.

Information Required

UFV employees can complete the SSL Certificate request form to request an SSL certificate. Please provide the following information when filling out the form:

• System Type (e.g. prod, test)
• Wildcard use
• New or renewal
• Number of requests
• Fully qualified domain names
• Server type
• CSR file (as an attachment)

Instructions

Click the "Submit SSL Certificate Request" button and complete all required fields on the form. 

Support