TCS - Trusted Certificate Service
Change of TCS provider as of May 1, 2020
- The contract with the previous TCS provider DigiCert expires on April 30, 2020. Until then, certificates can be requested from DigiCert and must be issued if all requirements are met. Certificates issued by DigiCert up to and including April 30, 2020 remain valid until the expiry date of the certificate.
- From May 1, 2020, certificates can only be obtained from the new TCS provider Sectigo (see below).
GÉANT, the umbrella organization of Europe's National Research and Education Networks (NRENS), has signed a framework agreement with Sectigo Limited regarding the provision and administration of X.509 certificates. GÉANT provides this Trusted Certificate Service (TCS) to all participating NRENs.
ACOnet has subscribed to this agreement and therefore is able to provide its members with several types of certificates, free of charge and in unlimited numbers. This service is offered exclusively for ACOnet participants, based on a supplemental agreement (see below). This supplement needs to be signed by an authorized person at the participant's organization and to be sent to ACOnet by postal service.
- TCS Zusatzvereinbarung 4.1.pdf(275 kB)
Types of Certificates
The Trusted Certificate Service offers several types of certificates. They all may be requested via the Sectigo Portal.
- TLS/SSL Server Certificates
Sectigo provides web interfaces for requesting server certificates, as well as for approving such requests. The latter being the task of the TCS administrator at the respective ACOnet participant.
- Personal Certificates
Personal certificates serve to identify individual users and may be used to sign e.g. e-mails or PDF documents.
- Code Signing Certificates
Code Signing Certificates serve to confirm the authenticity of software distributed over the Internet.