This site requires JavaScript to be enabled

InCommon Certificate Manager - SSL Certificate Creation

2682 views

19.0 - Updated on 02-27-2025 by Ronald Rossman (rjr162)

18.0 - Updated on 02-27-2025 by Ronald Rossman (rjr162)

17.0 - Updated on 02-26-2025 by Ronald Rossman (rjr162)

16.0 - Updated on 02-26-2025 by Ronald Rossman (rjr162)

15.0 - Updated on 02-26-2025 by Ronald Rossman (rjr162)

14.0 - Updated on 02-26-2025 by Ronald Rossman (rjr162)

13.0 - Updated on 02-25-2025 by Jeremy Waite (jdw28)

12.0 - Updated on 06-20-2024 by Steven Baylis (sgb120)

11.0 - Updated on 05-17-2022 by Jeremy Waite (jdw28)

10.0 - Updated on 02-04-2021 by Jeremy Waite (jdw28)

Article Intended For

This article is intended for PSU faculty and staff that have a Secure Certificates subscription.

Introduction

The purpose of this article is to provide step-by-step instructions on how to obtain certificates using the InCommon Certificate Manager.

Step-by-Step Instructions

  1. Once your account is created visit https://cert-manager.com/customer/InCommon/ and at the login screen click the InCommon Federated Login button.  On the next screen select Penn State from the drop down and click the select button. After clicking select you will be redirected to the Penn State Web Access login screen and you can then login with your standard Penn State Access Account.  

         

  2. Click the hamburger menu on the upper left of the page and expand certificates and then click SSL Certificates.  Once the certificates list appears click the plus symbol button on the upper right to create a certificate.

          

  3. Select Using a Certificate Signing Request (CSR) and click Next.



  4. On step 1 the organization and department fields will autofill. If you are a member of more than one department use the pull down to select the correct department that you are submitting the request for.

    Select the drop down for the certificate profile that you'd like. In this example we will use InCommon SSL Single General Profile.

    If you select one of the InCommon Multi Domain options, a DNS Names field will appear on step 3 and list all of the subject alternative names from your CSR.
    The certificate term should auto select 1 year. Some certificate profiles may offer a 398 day or short terms as well.



  5. For the external requester field, type the email address that you'd like the completed certificate notification to be delivered to and click the plus symbol to the right to add the email address to the request. We recommend using a listserv or group email address that include others in your unit who help manage the SSL certificates so they receive the notifications as well.

    After entering an email address, click the "+" icon to add it to the list. You can add more than one address to this field.




  6. On step 2 paste in the CSR that you generated for your certificate and click next




  7. On step 3 you will see the domains listed that your certificate request contains.  If you selected a multi-domain certificate you should see more than one domain listed on this step.


     

  8. On step 4 make sure auto renewal is not selected and click ok. After a few seconds the certificate will appear in the main window. Click the checkbox to the left of the certificate common name and click the view button. In the SSL Certificate window click the download arrow on the right hand side and select the type of certificate that you'd like to download.




  9. If you would like to revoke a certificate for any reason select the checkbox to the left of the certificate common name and then click the revoke button at the top.  You will be presented with a pop up box that asks for the revoke  reason.  It is required that something is typed in this box so enter your revoke reason and click ok and the certificate will be revoked and the status will change to say revoked in yellow text.



                                                                                               
Revised by Ronald Rossman (rjr162)
Last modified 4 months ago