Digital Certificates for UofM Services

University of Memphis web servers / services requiring login credentials, or presenting and / or collecting sensitive information must use a secure (https) protocol. Information Technology Services  (ITS) has established an account with InCommon, a major vendor of online identity and trust services. Since the UofM has already been vetted by InCommon for any SSL digital certificates created for the “memphis.edu" domain, it is possible to process and acquire new and renewed certificates with a very quick turnaround.

The majority of the centrally processed digital certificates are used to secure servers hosting enterprise services such as umDrive, umWiki, and the myMemphis portal. Campus server administrators may obtain SSL digital certificates for official university servers by generating a Certificate Signing Request (CSR) and sending it, along with the type of server (i.e. Apache, Tomcat, Microsoft IIS 7.x, etc.) by submitting a Service Desk Ticket with this request.

To ensure prompt issuance of a digital certificate, some attributes require specific values: CN listed in the CSR must be a Fully Qualified Domain Name (FQDN); i.e. CN=service.memphis.edu; the Organization attribute must be The University of Memphis (O=The University of Memphis) and the organization unit or department must be Web Services; i.e. OU=Web Services

The vendor expects an exact match on this information.  Any deviation in this information will result in a delay of processing the digital certificate request. Additionally, the CSR must be generated with a new minimum 2048-bit private key using minimum SHA-256 With RSA Encryption.

Server administrators may check CSR validation with Comodo's DecodeCSR API .