How to Obtain SSL and Code Signing Certificates through InCommon

This Knowledge Base article guides Dartmouth College users on how to request and obtain SSL/TLS and Code Signing certificates through the InCommon Certificate Manager. With all domains pre-validated, the process is streamlined to focus on submitting certificate requests and installing them. Users can quickly secure their web services and sign applications by following the provided steps. For additional help, users are directed to contact Dartmouth IT support or access InCommon resources.

Requesting an SSL/TLS Certificate

SSL/TLS certificates are used to secure communications between users and web services by encrypting the data transmitted. Follow these steps to request an SSL/TLS certificate for your domain:

Step 1: Prepare Your Certificate Signing Request (CSR)

• Generate a Certificate Signing Request (CSR) from your server. This will include your domain name, organization details, and a public key.
• Ensure that the CSR is in the correct format (PEM encoded) and includes the correct Common Name (CN) or Subject Alternative Names (SAN) for your domain.
• Save the CSR file securely; you will need it when requesting your certificate.

Step 2: Log in to the InCommon Certificate Manager

• Navigate to the InCommon Certificate Manager portal and log in with your Dartmouth credentials.
• Ensure that you have the necessary permissions to request certificates for the domain you wish to secure.

https://cert-manager.dartmouth.edu

Step 3: Submit a Certificate Request

• Click on “Request a Certificate” and select “SSL/TLS Certificate” from the list of available certificate types.
• Enter the details required, including:
  • Certificate Type: Select the appropriate SSL/TLS type (e.g., Standard, Wildcard, Multi-domain).
  • Common Name (CN): Enter the domain name you wish to secure (e.g., www.yourdomain.dartmouth.edu).
  • Subject Alternative Names (SAN): Add any additional domains or subdomains to be included in the certificate.
  • CSR: Paste the CSR generated in Step 1 into the provided field.
• Review your request and submit it for approval. Since your domain is already validated, the certificate will be issued without further domain verification steps.

Step 4: Download and Install the Certificate

• Once your request is approved, download the issued certificate along with the intermediate certificates from the Certificate Manager.
• Install the certificate on your web server or application according to the server's requirements.
• Restart your server or application to apply the new certificate and ensure secure communications.

Requesting a Code Signing Certificate

Code Signing Certificates are used to digitally sign applications, executables, and software scripts to verify the author and ensure the code has not been altered. Follow the steps below to request a Code Signing Certificate:

Step 1: Log in to the InCommon Certificate Manager

• Access the InCommon Certificate Manager portal and log in using your Dartmouth credentials.
• Ensure you have the appropriate permissions to request a Code Signing Certificate.

Step 2: Submit a Certificate Request

• Select “Request a Certificate” and choose “Code Signing Certificate” from the available options.
• Enter the required information, including:
  • Certificate Type: Select the type of code signing certificate needed (Standard or EV).
  • Organization Details: Ensure that your organization’s information is accurate and up-to-date.
  • CSR: Generate and paste a CSR specific to code signing into the request form. The CSR should include information about the organization and the requester.
• Review and submit your request for approval. Once approved, your certificate will be issued and ready for download.

Step 3: Download and Install the Certificate

• After the certificate is issued, download it from the Certificate Manager.
• Import the certificate into your development environment or code signing tool.
• Use the certificate to digitally sign your applications, ensuring that users can trust your software’s origin and integrity.

Support and Assistance

If you encounter any issues during the certificate request process or need further assistance, please contact the Dartmouth IT support team or visit the InCommon Certificates page for more resources.