System Computing Services provides Public Key Infrastructure (PKI) services to most NSHE institutions and their non-commercial affiliates, including unlimited well-trusted certificates of various types for their respective .edu and non-.edu DNS domains.

Scope

System Computing Services provides:

  • Assistance with requesting unlimited PKI certificates, which are issued by a public Certificate Authority (CA) to clients and their non-commercial subsidiaries and community partners and are valid for .edu and non-.edu DNS domains.  
  • Well-trusted certificates via InCommon, including code-signing, S/MIME, and TLS/SSL certificates; multi-domain (SAN and wildcard subjects) are permitted where appropriate.
  • Internally trusted PKI services for communication between SCS managed systems and services.
  • Revocation of previously issued certificates upon request or upon reasonable suspicion that a certificate has been misused or compromised.
  • Assistance with understanding certificate types and their technical requirements.
  • Communication of major changes related to PKI services.
  • Best effort notification of upcoming certificate expirations.

Client Responsibilities

  • Designate two PKI service technical contacts authorized to request certificates on behalf of the institution, and to receive communications related to PKI services.
  • Ensure each issued certificate is only used for its intended purpose and is either removed from service, renewed, or revoked before it expires.
  • Promptly report any suspicious activity or misuse of the PKI service to SCS Service Desk for investigation and remediation.