This site requires JavaScript to be enabled
An updated version of this article is available

InCommon Certificate Manager - SSL Certificate Creation

1573 views

12.0 - Updated on 06-20-2024 by Steven Baylis (sgb120)

11.0 - Updated on 05-17-2022 by Jeremy Waite (jdw28)

10.0 - Updated on 02-04-2021 by Jeremy Waite (jdw28)

Article Intended For

This article is intended for PSU faculty and staff that have a Secure Certificates subscription.

Introduction

The purpose of this article is to provide step-by-step instructions on how to obtain certificates using the InCommon Certificate Manager.

Step-by-Step Instructions

  1. Once your account is created visit https://cert-manager.com/customer/InCommon/ and at the login screen click the InCommon Federated Login button.  On the next screen select Penn State from the drop down and click the select button. After clicking select you will be redirected to the Penn State Web Access login screen and you can then login with your standard Penn State Access Account.  
         

  2. Click the hamburger menu on the upper left of the page and expand certificates and then click SSL Certificates.  Once the certificates list appears click the plus symbol button on the upper right to create a certificate.
       

  3. Select Using a Certificate Signing Request (CSR) and click Next.


  4. On step 1 the organization and department fields will autofill. If you are a member of more than one department use the pull down to select the correct department that you are submitting the request for. Select the drop down for the certificate profile that you'd like. In this example we will use InCommon SSL (SHA-2) (InCommon level). If you select InCommon Multi Domain SSL a DNS Names field will appear on step 3 and list all of the subject alternative names from your CSR. The certificate term should auto select 1 year. Some certificate profiles may offer a 398 day term as well.
  5. For the external requestor field type the email address that you'd like the completed certificate notification to be delivered to and click the plus symbol to the right to add the email address to the request. We recommend using a listserv or group email address to allow other folks to manage certificates because of staff changes, etc.  After adding the email to the request as seen in the second screenshot below click next.
  6. On step 2 paste in the CSR that you generated for your certificate and click next.                                                     
  7. On step 3 you will see the domains listed that your certificate request contains.  If you selected a multi-domain certificate you should see more than one domain listed on this step.                                                   
  8. On step 4 make sure auto renewal is not selected and click ok. After a few seconds the certificate will appear in the main window. Click the checkbox to the left of the certificate common name and click the view button. In the SSL Certificate window click the download arrow on the right hand side and select the type of certificate that you'd like to download.                                                                               
  9. If you would like to revoke a certificate for any reason select the checkbox to the left of the certificate common name and then click the revoke button at the top.  You will be presented with a pop up box that asks for the revoke  reason.  It is required that something is typed in this box so enter your revoke reason and click ok and the certificate will be revoked and the status will change to say revoked in red text.                                                                                                                                                                                                                             
Revised by Jeremy Waite (jdw28)
Last modified 05-17-2022 10:53:00 AM