JANET-Connected Organisations

Since JANET-connected organisations can obtain certificates free of charge from the JANET Server Certificate Service, they will normally only use the procedure described here if the certificate is also to be used to secure financial transactions, for which SCS certificates may not be used.

Applying for an .ac.uk Certificate

For .ac.uk domains only, follow this procedure. In the last step of the process, when you are asked to supply documentation appropriate for your organisation, you should send two items:

  • First, the certificate request form printed out during the application process. This must be signed by your institution's head of IT or equivalent.
  • Second, a covering letter on the institution's letterhead.

The covering letter should be signed by the same person who signed the form, and should state that this person is entitled to act for the institution. This letter replaces the "proof of your company's legal status" requested at the end of the online process. GlobalSign's suggested wording is:

This letter is to confirm that I, Mister XXX, Head of XXXXX department,
for the purpose of purchasing ServerSign Certificates, is authorised to
bind legally XXXX University.

They also request that the letter should be accompanied by this person's business card, if possible. The following alternative form of words has also worked:

This is to endorse the attached certificate requests for domain names xxx
and yyy. These domain names are registered to the University of zzz.

After you receive the signed certificate back from GlobalSign, the next step is to register an identity or service provider as described at JoinFederation.

Root Certificates

As well as your own certificate you will also need to download a copy of GlobalSign's "intermediate CA certificate" from http://www.globalsign.com/support/root-organizationssl.html. Save this as gs_organization_ca.crt for use later.