This page contains policy and configuration information for NCSA Certificate Authorities.
For information on using certificates for access to XSEDE, please see:
For information on obtaining IGTF server certificates for use with XSEDE, please see:
...
For questions about the NCSA CA contact help+security@ncsaca@ncsa.illinois.edu.
For NCSA CA status, see: https://wiki.ncsa.illinois.edu/display/cybersec/NCSA +Public+Key+Infrastructure+ Status
The NCSA CA is operated by:
...
The NCSA Certificate Authorities are primarily for grid computing. They are not by default trusted by web browsers and email clients. Click here to install the NCSA CACL CA certificate in your browser.
To obtain certificates that are by default trusted by web browsers for University of Illinois web servers, so your web site visitors will not need to manually trust the NCSA CAs, visit http://go.illinois.edu/ssl or contact certmgr@illinois.edu.see NCSA Certificate Requests.
The NCSA CA Certificates are available below and also from:
...
- C=US, O=National Center for Supercomputing Applications, OU=Certificate Authorities, CN=MyProxy CA 2013
- Certificate Policy: 1.9 changelog
- Policy OID: 1.3.6.1.4.1.4670.100.2.9
- CA Certificate: PEM DER
- Signing Policy
- CRL: PEM DER
- Validity: Oct 1 2013 to Oct 1 2033
- CA Hash: c36f6349 (OpenSSL 0.9) / 7aa2b7bd (OpenSSL 1.0)
- This CA replaced the CN=MyProxy CA.
- example user certificate
- CILogon Basic CA: https://ca.cilogon.org/policy/basic
- CILogon Silver CA: https://ca.cilogon.org/policy/silver
- CILogon OpenID CA: https://ca.cilogon.org/policy/openid
The following NCSA CAs are now retired:
- C=US, O=National Center for Supercomputing Applications, OU=Certificate Authorities, CN=Two Factor CA 2013
- This CA ceased operation in April 2020.
- Certificate Policy: 1.9 changelog
- Policy OID: 1.3.6.1.4.1.4670.100.4.9
- CA Certificate: PEM DER
- Signing Policy
- CRL: PEM DER
- Validity: Oct 1 2013 to Oct 1 2033
- CA Hash: ca157cee (OpenSSL 0.9) / 48c8f10a (OpenSSL 1.0)
- This CA replaced the CN=NCSA Two Factor CA.
- example user certificate
...
- C=US, O=National Center for Supercomputing Applications, OU=Certificate Authorities, CN=CACL
- This CA is retired. Visit https://www.xsede.org/security/certificates for information on obtaining new server certificates and https://www.xsede.org/accessing-resources for information on using certificates to access XSEDE.
- Certificate Policy: 1.9 1.7 1.6 1.5 1.4 1.1
- Policy OID: 1.3.6.1.4.1.4670.100.1.9
- CA Certificate: PEM DER
- Signing Policy
- Validity: Apr 24 2007 to Apr 24 2027
- CA Hash: 9b95bbf2 (OpenSSL 0.9) / 5bb7d63e (OpenSSL 1.0)
- This CA is a Member Integrated Credential Service (MICS) accredited by The Americas Grid Policy Management Authority (TAGPMA), a member of the International Grid Trust Federation (IGTF).
- ncsa-cert-request script
- example host and user certificates
...