Thawte

To provide a streamlined approval process for getting a certificate signed, UWO is enrolled in the Enterprise PKI solution from Thawte Certification. This agreement between UWO and Thawte allows a local representative to approve signing requests from on campus. This removes the sometime lengthy and complex approval process that would be required without this agreement.

Administrators

There are 2 Enterprise Security Officers (ESO) for UWO. They have been vetted by Thawte to manage the account. You can contact them at web-certificates@uwo.ca.

Valid domains

We provide Thawte certificates for the following validated domains:
  • uwo.ca
  • westernu.ca

Pricing Information.

WTS does not charge for this service but there are fees charged by Thawte, that are passed on to the requestor. For information on these fees send a message to web-certificates@uwo.ca for current pricings. WTS will require a PeopleSoft account number to charge this fee to. Since Thawte charges in US funds it will be converted into Canadian funds on the day of purchase using the exchange rate given on the Finance Departments web site.

Thawte news and alerts

News and alerts are posted on the Thawte website at https://www.thawte.com/support/

Importance of a Signed Certificate

Thawte Certification required a strong approval process in order to maintain a good reputation as a Certificate Authority (CA) on the internet. Abuse of the Enterprise PKI solution may cause harm not only the UWO but also Thawte Certification and all the other Internet Parties Thawte certifies. Therefore certificates should be treated with a strong importance. Consider them official documents of the University to be protected and used properly.

Certificate revocation and renewal

In the event that a certificate (or the server on which it resides) is suspected of having been compromised in any way, contact web-certificates@uwo.ca. immediately to initiate revocation of the at-risk certificate and reissuance of a new certificate. Similarly, when a certificate is expiring (or if it has already expired), contact web-certificates@uwo.ca. to arrange for certificate renewal (or revocation, if applicable).

How does the Enterprise PKI solution work.

UWO has provided a web interface in which certificate requests can be submitted and approved. The turn around time of this process can be as little as 1 working day. Here is the basic process flow for generating a CSR and getting it signed and installed.

Requestor generates a Private Key and Certificate Signing Request (CSR)

Requestor submits the CSR through the WTS web form.

WTS will verify this request and contact you if any issues WTS will approve and submit the request to Thawte

Upon approval, your web certificate will be signed by Thawte

When ready, the administrative and technical contacts will receive an email from a UWO pki administrators This will contain the certificate.

Additional Information.

If you have any questions about this process please send them to web-certificates@uwo.ca. Additional information on the Enterprise PKI solution can be found at Thawte Certification

Published on  and maintained in Cascade CMS.