Accessibility Skip to Global Navigation Skip to Local Navigation Skip to Content Skip to Search Skip to Site Map Menu

Security Certificates

A security certificate:

  • identifies an individual or website, as asserted by a certificate authority (an organisation that certifies ownership)
  • assures visitors to your website that your business is legitimate and your website is secure
  • is sometimes referred to as a digital certificate, or a SSL certificate
  • is often called a personal certificate (if it is issued to an individual rather than an organisation)

The Information Security Office issues security certificates for secure web servers in the domain. These security certificates:

  • are obtained via AusCERT and validated by Comodo
  • are free and valid for three years
  • must not be used for payment processing

If you require certificates for non-Otago domains, or certified by different Certificate Authorities, these will be provided at cost.

Personal Certificates (i.e. S/MIME) are not issued at present. If you are interested in obtaining a personal certificate, please contact the Information Security Office.

Security certificates are requested from the Information Security Office. You will need to:

  1. generate a private key– a file containing the key(s) used for activities such as sending or accessing secure web sites. Keep this safe and do not send it to anyone, and
  2. create a Certificate Signing Request (CSR) – a file sent to the certificate authority (CA) for validation. Please send this to the Information Security Office, and include information on your server software so the correct response can be provided. The key length should be at least 2048 bits

Please contact the Information Security Office if you have further questions about security certificates.