SSL/TLS Certificates

Requesting a SSL/TLS Certificate

  • Go to https://cert-manager.com/customer/InCommon/ssl?action=enroll
  • Login with the following credentials
    • Access Code: EmorySSL
    • Email: Your Emory email address
  • For Server Type, select the choice that best describes the kind of web server you will use the certificate with. This choice may determine what file format you will receive your certificate in.
    • Country Code: Enter "US"
    • State or Province: Enter "Georgia"
    • Locality: Enter "Atlanta"
    • Organization Name: Enter "Emory University"
    • Organizational Unit: Enter the name of your department, such as "LITS" or "Emory College".
    • Common Name: Enter the exact domain name that people use to reach your web server. For example, if you want people to reach your web server at the URL https://mysite.emory.edu/, enter mysite.emory.edu. If your site has multiple aliases, such as mysite.emory.edu and www.mysite.emory.edu, use the one you consider to be the primary name. It is also possible to request a certificate that is valid for multiple domains; contact us for more information.
    • Email Address: Leave this field blank.
    • Challenge Password: Leave this field blank.
    • Optional Company Name: Leave this field blank.
  • Click 'Get the common name from CSR.' The common name you selected when you created your CSR should appear next to "Common name."
  • Click 'Submit'
  • You will receive an email at the address you entered when your certificate is ready.

More Information on the Request Process

There is no cost associated with requesting certificates in this way.

You can request certificates for any domains owned by Emory University. If you are the first person to request a certificate for a particular domain, there may be a delay while the domain is vetted by the certificate vendor. Some of the domains that have already been vetted include:

  • emory.edu
  • emory.net
  • emory.org
  • eusch.org
  • emoryhealthcare.org

If you receive the error "unable to read the CSR", you likely generated your CSR using a cryptographic key less than 2048 bits in length. Try generating a new key and corresponding CSR. The specific steps you must take depend on your web server software.

Ensure that your server is configured to use secure SSL/TLS protocols and cipher suites. See this knowledgebase article for more information.