To provide a streamlined approval process for getting a certificate signed, Western University is enrolled in the Enterprise PKI solution from Thawte Certification. This agreement between Western University and Thawte allows a local representative to approve signing requests from on campus. This removes the sometime lengthy and complex approval process that would be required without this agreement.
As of December 1, 2017 Thawte has restructured and created a new Intermediate certificate.
You will need to install this new Intermediate certificate on your server. http://wts.uwo.ca/pki/Thawte/certificates/digicert/Thawte_RSA_CA_2018.pem
There are 2 Enterprise Security Officers (ESO) for Western University. They have been vetted by Thawte to manage the account. You can contact them at email@example.com.
We provide Thawte certificates for the following validated domains:
WTS does not charge for this service but there are fees charged by Thawte, that are passed on to the requestor. For information on these fees send a message to firstname.lastname@example.org for current pricings. WTS will require a PeopleSoft account number to charge this fee to. Since Thawte charges in US funds it will be converted into Canadian funds on the day of purchase using the exchange rate given on the Finance Departments web site.
Thawte news and alerts
News and alerts are posted on the Thawte website at https://www.thawte.com/support/
Importance of a Signed Certificate
Thawte Certification required a strong approval process in order to maintain a good reputation as a Certificate Authority (CA) on the internet. Abuse of the Enterprise PKI solution may cause harm not only Western University but also Thawte Certification and all the other Internet Parties Thawte certifies. Therefore certificates should be treated with a strong importance. Consider them official documents of Western University to be protected and used properly.
Certificate revocation and renewal
In the event that a certificate (or the server on which it resides) is suspected of having been compromised in any way, contact email@example.com. immediately to initiate revocation of the at-risk certificate and reissuance of a new certificate. Similarly, when a certificate is expiring (or if it has already expired), contact firstname.lastname@example.org. to arrange for certificate renewal (or revocation, if applicable).
How does the Enterprise PKI solution work?
- WTS has provided a web interface in which certificate requests can be submitted and approved. The turn around time of this process can be as little as 1 working day. Here is the basic process flow for generating a CSR and getting it signed and installed.
- Requestor generates a Private Key and Certificate Signing Request (CSR)
- Requestor submits the CSR through the WTS web form.
- WTS will verify this request and contact you if any issues
- WTS will approve and submit the request to Thawte
- Upon approval, your web certificate will be signed by Thawte
- When ready, the administrative and technical contacts will receive an email from a WTS pki administrators
- This will contain the certificate.
Additional InformationIf you have any questions about this process please send them to email@example.com. Additional information on the Enterprise PKI solution can be found at Thawte Certification
Published on and maintained in Cascade CMS.