TLS Server Digital Certificate Purchase Service
***Heartbleed Certificate Replacement***
Replacements for existing Comodo certificates are available at no charge if ordered from this service. Keys must be regenerated. Send new CSR to email@example.com with the FQDN specified in the body of the email. Do not use this form for replacements due to 'heartbleed' issue. When you have completed the installation ofyour replacement certificate, notify firstname.lastname@example.org - in the email body enter: revoke FQDN. We will then initiate revocation of the replaced certificate.
The Information Security group of I+TS facilitates the purchase of Comodo Group TLS (formerly known as SSL) Certificate products for University server administrators. This service provides advantages over purchasing direct from a commercial Certificate Authority:
- the site validation process for the utoronto.ca or toronto.edu domains is completed.
- significant cost reduction.
- the Information Security group in I+TS adds a departmental contact vetting process to ensure authorization to use server certificates (see note for more details below).
- notification of imminent cert expiry is provided at least two weeks before the expiry date.
The following certificate products are available for order. Single server certificates can be ordered using the form below - all other products need to be ordered via email to security.admin "at" utoronto.ca.
Server certificates: these are used to protect one domain name. Note that all of these certs include 'www. ' as well as the fully qualified domain name specified. A single certificate can be used with unlimited logical or physical servers. Use the form below to order server certificates.
Wildcard certificates: these are used to protect a range of domain names under a single domain level. eg. '*.mysubnet.utoronto.ca'. It does not include the single name 'mysubnet.utoronto.ca'. Contact security.admin "at" utoronto.ca for information and pricing.
Multi-domain certificates: these are used to protect a range of domain names with no restriction. Contact security.admin " at" utoronto.ca for information and pricing.
Note for I+TS orders: All cert purchases must be approved at the director/manager level. Use Billing Contact field below to enter director/manager approver name.
Note on certificate issuance verification: The certificate issuance validation feature that is provided with this service adds an extra degree of assurance for site administrators and end users. Before cert orders are processed, the site administrator authorization is vetted by checking the authoritative /etc/networks file. If the admin is not present in that database, they are requested to have someone who is validate the request. Note that this may delay the issuance of the the certificate.
Site users can be assured of this validation process when they see the Comodo cert on a University website. This is a step above how a commercial CA handles validation for low cost products - such CAs compare the requestor with the owner of the domain name only. This has minimal effectiveness since spammers obtain domain names.
Comodo InstantSSL Server Certificate
|Validation Term (yrs)
||Unit Price ($)