CA certificates
Posted 10 November, 2009 - 19:18
CA Certificates
(See also NGS Certificate Repository for resource administrators.)
| Description | Certificate | Revocation list | Globus Signing Policy |
|---|---|---|---|
| UK e-Science CA | Import | Import | 367b75c3.signing_policy |
| UK Root CA | Import | Import | 98ef0ee5.signing_policy |
| SARoNGS[*] | Import | No CRL [**] | ccee1974.signing_policy |
| Training CA | Import | Import | cb398b31.signing_policy |
Which certificates do I need?
If you are looking for a certificate to put into your browser, to make your certificate "work" in the browser, you only need the first of these - the UK e-Science CA.
Resource administrators and certain other applications also need the other certificates.
[*] If you need a full chain to SARoNGS, you will also need the intermediate CA: ece35fd4.cer and ece35fd4.signing_policy
[**] SARoNGS is a short lived credential service; ie the credentials it issues are short lived, so they don't need to be revoked. However, SARoNGS3 (the full production certificate) will have a CRL (which will be empty).