Last updated: 
2 months 1 week ago
Group Manager
Welcome to the Jisc Certificate Service group. The service offers a number of different X509 SSL certificates, including Extended Validation certificates that give users the highest possible assurance, as well as S/MIME email certificates for digitally signing emails. Jisc has an agreement with the Certificate Authority, QuoVadis who is the provider of the certificates. The service has been running since 2006 and has issued many thousands of certificates to organisations in UK research and education. This is a Community group where users can obtain relevant information, receive service updates and provide feedback.

Update - Underscore characters in dnsNames for SSL Certificates

14 November 2018 at 4:27pm

With regards to our update in September regarding the underscores in domain names for SSL certificates, The CAB Forum has now clarified their position:

 “All certificates containing an underscore character in any dNSName entry and having a validity period of more than 30 days MUST be revoked prior to January 15, 2019.

After April 30, 2019, underscore characters (“_”) MUST NOT be present in dNSName entries.”

We will be adding the underscore character to the list of invalid characters very soon to stop these any future requests going through.

All customers who have a certificate containing an underscore character will be notified to revoke and request new certificates by the 15th January 2019.

Please contact us on certificates@jisc.ac.uk if you have any further questions.