Server Certificate Service

More information

If you would like to know more on SCS in your country, check the Participants section of this site.

Root and intermediate CA certificates (PEM format)

Which certificate profile?

When requesting certificates, you will have to choose one of the following certificate profiles:
  • SureServer EDU TLS: this is the recommended choice, useful for most servers and applications.
  • SureServer EDU TLS emailserver: for servers processing and generating S/MIME e-mail messages.
  • SureServer EDU: obsolete. Don't use this certificate profile.

Documents related to GlobalSign CA and procedures.

SCS tools

SCS tools for validation and proxy management are available at CRU source repository. These tools are still in development, but you can download and have a look what's inside.

RA or sub-RA?

The standard set-up for a participating NREN is just one RA, consisting of a team of RA administrators. The team usually consists of NREN staff, but could as well be a distributed team consisting of staff members of different universities. Of course all members of the team have equal access to the RA application.

It is also possible to create a number of sub-RAs, where every sub-RA has its own team of administrators. Administrators of one sub-RA have no access to other sub-RAs. The creation of sub-RAs brings a significant additional one-off cost.