UACertificate Service SLA
- Yates, Bry-Ann
- Davis, Rem
- Manjak, Martin
- Lyons, Andrew H
Overview
This Service Level Agreement (SLA) defines the responsibilities of the Registration Authority Officers (RAOs), Departmental Registration Authority Officers (DRAOs), and other participating university members as they pertain to the management and use of InCommon Certificates.
Service Description
The InCommon Certificates Manager service allows designated University at Albany employees to request and manage X.509 compatible SSL certificates.
Intended users
RAO – Members of ITS who can request, approve/decline requests, and manage certificates on behalf of the University at Albany, in addition to creating DRAOs.
DRAO - Employees who are technically qualified to manage X.509 certificate requests and assignments, and who are familiar with the University at Albany Polices, which are located at ITS Policies. Generally, staff who have broad IT technical support responsibilities will be designated as Departmental Registration Authority Officers (DRAO) after undergoing training in the use of the InCommon Certificate Management portal. The Information Security Officer will be responsible for granting this privilege.
Members - Other participating university employees who are not DRAOs, but are technically qualified to manage X.509 certificate requests and assignments, and who are familiar with the University at Albany Polices, which are located at ITS Policies. These customers can request a certificate from their respective DRAO, or if they do not have a DRAO, by submitting a service request.
Supported Computing Environment
Technical Support
Recovery and revocation support: Requests for assistance should be submitted at Certificate - Requests and will be handled as soon as possible, within two working days. Recovery and revocation support is available from 9:00 a.m. to 3:00 p.m., Monday through Friday, excluding holidays and reduced schedule days.
A new certificate will be issued within two business days.
Additional information concerning InCommon Certificates and their support can be found in the online documentation at InCommon.
User Accounts
Accounts will be created at the level of Department Registration Authority Officer (DRAO).
DRAOs will have the ability to manage SSL certificates.
DRAOs can use the self-enrollment process to allow qualified staff to apply for SSL certificates
DRAOs cannot issue code signing certificates.
By default, DRAOs cannot create additional administrators.
User Responsibilities
DRAOs and Members agree to adhere to the University's Acceptable Use Policies.
This includes, but is not limited to, ensuring that all servers are certified and services validated in the Server Inventory Database ( si.albany.edu) that is operated by the CISO. For further details please visit Standards for Connecting Servers to the University Network.
DRAOs agree to manage certificate requests and issued certificates responsibly.
DRAOs and Members will maintain the confidentiality of their Certificate Manager credentials and will promptly report any suspected abuse or exposure of these credentials.
DRAOs and Members recognize that ITS does not provide support for the generation of CSRs nor the implementation and management of certificates.