This page contains policy and configuration information for NCSA Certificate Authorities.

For information on obtaining IGTF server certificates for use with XSEDE, please see:

For information on obtaining server certificates for NCSA hosts, please see:

For questions about the NCSA CA contact help+ca@ncsa.illinois.edu.

For NCSA CA status, see: NCSA Status

The NCSA CA is operated by:

 National Center for Supercomputing Applications
1205 West Clark Street, Urbana IL 61801 USA

The NCSA Certificate Authorities are primarily for grid computing. They are not by default trusted by web browsers and email clients.

To obtain certificates that are by default trusted by web browsers, so your web site visitors will not need to manually trust the NCSA CAs, see NCSA Certificate Requests.

The NCSA CA Certificates are available below and also from:

NCSA currently operates the following Certificate Authorities:

The following NCSA CAs are now retired:

  • C=US, O=National Center for Supercomputing Applications, OU=Certificate Authorities, CN=Two Factor CA 2013
    • This CA ceased operation in April 2020.
    • Certificate Policy: 1.9 changelog
    • Policy OID: 1.3.6.1.4.1.4670.100.4.9
    • CA Certificate: PEM DER
    • Signing Policy
    • CRL: PEM DER
    • Validity: Oct 1 2013 to Oct 1 2033
    • CA Hash: ca157cee (OpenSSL 0.9) / 48c8f10a (OpenSSL 1.0)
    • This CA replaced the CN=NCSA Two Factor CA.
    • example user certificate
  • C=US, O=National Center for Supercomputing Applications, OU=Certificate Authorities, CN=CACL
  • C=US, O=National Center for Supercomputing Applications, OU=Certificate Authorities, CN=MyProxy
    • This CA was replaced by MyProxy CA 2013.
    • Certificate Policy: 1.6 1.5 1.4 1.3 1.2 1.1
    • Policy OID: 1.3.6.1.4.1.4670.100.2.6
    • CA Certificate: PEM DER
    • Signing Policy
    • Validity: Apr 24 2007 to Apr 24 2027
    • CA Hash: f2e89fe3 (OpenSSL 0.9) / d492aff2 (OpenSSL 1.0)
    • This CA is a Short Lived Credential Service (SLCS) accredited by The Americas Grid Policy Management Authority (TAGPMA), a member of the International Grid Trust Federation (IGTF).
    • example user certificate
  • C=US, O=National Center for Supercomputing Applications, OU=Certificate Authorities, CN=Two Factor CA
    • Certificate Policy: 1.8 (Note: Material changes from prior NCSA Certificate Policies are marked in green.)
    • Policy OID: 1.3.6.1.4.1.4670.100.4.8
    • CA Certificate: PEM DER
    • Signing Policy
    • CA Hash: 679cff61 (OpenSSL 0.9) / 9c3efee6 (OpenSSL 1.0)
    • This CA was a Short Lived Credential Service (SLCS) accredited by The Americas Grid Policy Management Authority (TAGPMA), a member of the International Grid Trust Federation (IGTF).
  • C=US, O=National Center for Supercomputing Applications, OU=Certificate Authorities, CN=GridShib CA
    • This CA ceased issuing certificates on Mar 7 2013. All issued certificates have now expired.
    • Certificate Policy (1.6 1.5 1.4)
    • Policy OID: 1.3.6.1.4.1.4670.100.3.6
    • CA Certificate: PEM DER
    • Signing Policy
    • CA Hash: e8ac4b61 (OpenSSL 0.9) / d87163a8 (OpenSSL 1.0)
    • This CA was a Short Lived Credential Service (SLCS) accredited by The Americas Grid Policy Management Authority (TAGPMA), a member of the International Grid Trust Federation (IGTF).
  • No labels