Trusted Certificate Service (TCS)

The newest iteration of GÉANT's Trusted Certificate Service (TCS – formerly known as the TERENA Certificate Service) launched on 1 July 2015, with DigiCert as the new provider. For information about the new service, please visit the GÉANT website TCS page.

ABOUT THE PREVIOUS SERVICE

The TERENA Certificate Service allowed a variety of digital certificates to be offered to research and education institutions served by participating National Research and Education Networks (NRENs). This took advantage of a bulk purchasing arrangement whereby NRENs could issue unlimited numbers of certificates for a flat fee. Certificates could be obtained through NRENs that were TCS Participants and were provided by Comodo CA Limited, one of the largest worldwide Certification Authorities.

From 1 February 2013, the procedure changed for issuing OV server certificates, which were the default server certificate in TCS. See linked news item below and FAQ in shortcuts for details.

Five main types of certificates were available:

  • Server Certificate - for authenticating servers and establishing secure sessions with end clients. These could be Organisation Validated (OV) or Domain Validated (DV) certificates.
  • e-Science Server Certificate - for authenticating Grid hosts and services. These were IGTF compliant. These could be Organisation Validated (OV) or Domain Validated (DV) certificates.
  • Personal Certificate - for identifying individual users and securing e-mail communications.
  • e-Science Personal Certificate - for identifying individual users accessing Grid services. These were IGTF compliant.
  • Code-signing Certificates - for authenticating software distributed over the Internet.

Please note that TERENA did not issue certificates or offer support to end-users. Requests for certificates or support were to be addressed to the appropriate NREN or their authorised agents.

From 1 July 2012, TCS certificates could be used to conduct monetary transactions.

Community Feedback on TCS

Vetting and issuing certificates works two to three times faster per certificate with TCS than with other products, especially because customers get fewer chances to make mistakes. In fact, it is vastly superior to commercial per-certificate services.

Customers are delighted because the enrollment screens simply make sense. The TCS certificates give me hard requester data and digitally signed emails without interference of misconfigured mail servers.
Teun Nijssen
Security Officer
Tilburg University


Running period: July 2009 - July 2017

News & Features