NCSA systems that rely on IGTF CAs (e.g., the InCommon IGTF Server CA, the NCSA MyProxy CA, and/or the NCSA Two Factor CA) should be configured as follows.

News

Feb 12 2020: The old COMODO RSA CA certificate used by the InCommon IGTF Server CA expires on May 30 2020, and both the XSEDE and IGTF packages have been updated to include the new COMODO RSA CA certificate. To avoid compatibility problems, please make sure your CA installation is being kept up-to-date.

CA Packages (Recommended)

To keep up-to-date with current IGTF CA configurations, NCSA systems should have one of the following packages installed and regularly updated:

• XSEDE CA List
  • Instructions for configuring the XSEDE Production Repository: http://software.xsede.org/production/repo/repoconfig.txt
  • Instructions for installing the xsede-ca-certificates RPM: http://software.xsede.org/production/CA/CA-install.html
• IGTF CA Distribution
  • Instructions for APT/Yum configuration: https://dist.igtf.net/distribution/igtf/README.txt

Manual Configuration (Not Recommended)

In case the above CA packages are not suitable for your system, please contact help+ca@ncsa.illinois.edu for assistance.