Last updated: 
2 weeks 2 days ago
Group Manager
Welcome to the Jisc Certificate Service group. For an update on the NEW Jisc certificate service please follow the below link. The New Jisc Certiface Service  The service offers a number of different X509 SSL certificates, including Extended Validation certificates that give users the highest possible assurance, as well as S/MIME email certificates for digitally signing emails. Jisc has an agreement with the Certificate Authority, QuoVadis who is the provider of the certificates. The service has been running since 2006 and has issued many thousands of certificates to organisations in UK research and education. This is a Community group where users can obtain relevant information, receive service updates and provide feedback.

EV TLS/SSL Certificates Issue

25 August 2020 at 3:26pm

An issue regarding the use of the OCSP Signing EKU in issuing CAs is affecting hundreds of CAs in the industry including QuoVadis (see more at https://www.digicert.com/blog/working-with-delegated-ocsp-responders-and-eku-chaining/).

We will communicate with each institution separately and provide a list of the affected certificates shortly with instruction on replacements that will be required. We will add the necessary credits to the account to issue replacements

Affected CAs and replacement:

QuoVadis EV SSL ICA G3 – must be replaced before December 30, 2020

Replacement CA: http://trust.quovadisglobal.com/quovadiseuropeevsslcag1.crt (replaces QuoVadis EV SSL ICA G3)

The EV download through the portal now contains the new CA so please ensure this is installed also.

If you have any questions please email certificates@jisc.ac.uk