Skip to end of metadata
Go to start of metadata

Personal certificates

The TCS eScience and personal portals

The TCS-eScience-portal and the TCS-personal-portal are instances of the TERENA certificate service for eScience-personal and personal certificates based on the Confusa software.

Differences between eScience-personal and personal certificates


Personal certificate

eScience personal certificate

Validity period

365 days, 730 days or 1095 days

395 days

Subject-DN CN

Full name

Full name and ePPN

Subject-DN unstructuredName



E-mail addresses as rfc822name

one or more mandatory


Subject-DN encoding




TCS Personal CA

TCS eScience Personal CA

Technical information

Tech-Info about the TCS portal project.

  • content of a server certificate
    • commonNames, subjectAlternativeNames and unstructureNames
    • why should I use 2048 bit certificates
    • certificate lifetimes supported by TCS
    • certificate validity checking
      • Certificate Revocation Lists
        • where are TCS CRLs?
        • how do I enable CRL checking in application
          • IE
          • FF
      • OCSP
        • where are TCS OCSP transponders
        • how do I enable OCSP checking in:
          • app 1
          • app 2
  • generating certificate requests
    • Using OpenSSL
    • using Microsoft IIS
    • using ....
  • requesting a server certificate
    • Using the invaluable DjangoRA
      • as setup by SURFnet
      • as setup by ...
    • Using JANETs ...
    • Using the infamous Reseller interface
  • installing a server certificate
    • how many beers to offer to the RA after forgetting the damned chain
    • what is a certificate chain anyway
    • which chains does TCS use
    • why is the chain for Windows servers so treacherous to install
    • installing in Apache
    • installing in Windows Server
    • installing in Java keystore, including exact order of certs
    • installing in Tomcat
    • installing in Oracle Wallet Manager
    • installing in Novell Console One for Groupwise
    • installing in Windows Mobile 5
    • installing in Win Mobile 6.1 is needed after all
    • installing in Cisco ASA 5520 VPN box
    • device x
    • device y
    • device z
  • No labels