Server Certificate Service
More information
If you would like to know more on SCS in your country, check the Participants section of this site.
Root and intermediate CA certificates (PEM format)
- GTE Cybertrust Global Root CA certificate
- Cybertrust Educational CA certificate
- More CA certificates are available at the GlobalSign website.
Which certificate profile?
When requesting certificates, you will have to choose one of the following certificate profiles:- SureServer EDU TLS: this is the recommended choice, useful for most servers and applications.
- SureServer EDU TLS emailserver: for servers processing and generating S/MIME e-mail messages.
- SureServer EDU: obsolete. Don't use this certificate profile.
Documents related to GlobalSign CA and procedures.
- TERENA RA Verification Procedure for ServerSign EDU
- GlobalSign Certification Practice Statement
- GlobalSign Subscriber Agreement for SureServer EDU Secure Server Certificates
- More documents from GlobalSign are available at the GlobalSign repository.
SCS tools
SCS tools for validation and proxy management are available at CRU source repository. These tools are still in development, but you can download and have a look what's inside.
RA or sub-RA?
The standard set-up for a participating NREN is just one RA, consisting of a team of RA administrators. The team usually consists of NREN staff, but could as well be a distributed team consisting of staff members of different universities. Of course all members of the team have equal access to the RA application.
It is also possible to create a number of sub-RAs, where every sub-RA has its own team of administrators. Administrators of one sub-RA have no access to other sub-RAs. The creation of sub-RAs brings a significant additional one-off cost.