Overview

Hosts in the "ucsb.edu" domain can acquire SSL certificates. 

The following SSL certificate types are available for ucsb.edu domains through our enterprise agreement with InCommon: Standard, Wildcard, and Subject Alternative Name (SAN or multi-domain). Certificate use is free to departments. 

Update: As of September 1, 2020, the Safari browser found on all iOS and macOS devices will reject any new website cert valid for more than 398 days. The policy does not affect older certs issued before September 1, 2020. 

Request Information

The following SSL certificate types are available for ucsb.edu domains through our Enterprise agreement with InCommon: Standard, Wildcard, and Subject Alternative Name (SAN, or multi-domain). There is no charge to departments for use of these certificates.

The following steps apply to new and renewal certificates:

  1. Generate a Certificate Signing Request (CSR). For instructions, select your server type on the Comodo Knowledgebase CSR Generation page.
    1. Note that the "Organization Name" must be "University of California, Santa Barbara" (note the comma after "California"), and the "Common Name" must end with "ucsb.edu".
    2. Use a 2048-bit or larger key when generating the CSR. Anything shorter will be rejected. Those requesting a certificate renewal using an existing CSR should verify the key length is at least 2048 bits.
  2. Complete the SSL Certificate Request Form.

Special Considerations

This process is only applicable to certificates for hosts with a name ending in "ucsb.edu." No other domains are approved for this process. Please read all of the above information before you submit a Certificate Signing Request (CSR).

Subdomain Delegation

Departments/organizational units may request the independent management of SSL certificates within the Department's associated subdomain(s). More information is available on the SSL Certificates - Subdomain Delegation page

Support

Contact ssl@ucsb.edu

Service Level Agreements (SLAs)

Not applicable.