Versions Compared

Version Old Version 15 New Version Current
Changes made by

Alex Barth

Alex Barth

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Current Certificate Authorities

Server Configuration

The following are the The current Certificate Authorities registered with the Austin Active Directory and the assocated test domainsare the preferred CA for internal certificates in the respective environments:

Server

Domain

CA Name

DFS Group

Key Length

Hash

Status

Purpose

Public

Server

URL

Notesca

aad-

ext

cart-p01

n/a

Austin

External 2015 SHA256ProductionExternal SHA2 certificates

-CA-Root-2022

n/a

4096

SHA384

offline root CA for all issuing CAs

certificates.austin.utexas.edu

 ca

aad-

root

case-p01

austin.utexas.edu

Austin-CA-

2016

Prod-

Prod

2022

AUSTIN

AAD-PKI

SHA256

4096

Production

SHA384

SHA2 certificates

issuing CA for prod

certificates.austin.utexas.edu

 ca

aad-

root

case-q01

adqual.utexas.edu

Austin-CA-

2016

Qual-

Qual

2022

CDS

AAD-PKI

SHA256

4096

Test

SHA384

SHA2 certificates

issuing CA for qual

certificates.

cds

adqual.utexas.edu

 ca

aad-

root

case-t01

adtest.utexas.edu

Austin-CA-

2016

Test-

Test

2022

ADTEST

AAD-PKI

SHA256

4096

Test

SHA384

SHA2 certificates

issuing CA for test

certificates.adtest.utexas.edu

 ca02

Deprecated Certificate Authorities 

The deprecated Certificate Authorities are still active but no longer the preferred CA for the respective environment:

...

Server

Domain

CA Name

DFS Group

Key Length

Hash

Purpose

Public URL

aad-ca-p01

austin.utexas.edu

External Certificate Authority SHA1ExpiredExternal certificates

Austin-CA-2016-Prod

AUSTIN-PKI

2048

SHA256

SHA2 certificates for prod

certificates.austin.utexas.edu

 ca03Austin Root Certificate Authority SHA1ProductionRoot certificate onlycertificates.austin

aad-ca-q01

adqual.utexas.edu

Austin-CA-2018-Qual

ADQUAL-PKI

2048

SHA256

SHA2 certificates for qual

certificates.adqual.utexas.edu

 ca04Austin Subordinate Certificate Authority SHA1ProductionIssuer for normal certificatescertificates.austin

aad-ca-t01

adtest.utexas.edu

Austin-CA-2016-Test

ADTEST-PKI

2048

SHA256

SHA2 certificates for test

certificates.adtest.utexas.edu

 ca05Austin Disk Certificate Authority SHA1ProductionIssuer for disk IPsec certificatescertificates.austin.utexas.edu ca06Austin External Certificate Authority SHA1ProductionExternal certificatescertificates.austin.utexas.edu 

Assigned Certificate Templates

ServerCertificate Templates
ca-root-p01 
ca-root-q01 
ca-root-t01 

Naming Conventions

Current (as of 2016)

Austin CAs should confirm to the following naming conventions:

...

aad-ca-c01

cds.utexas.edu

Austin-CA-2016-Qual

CDS-PKI

2048

SHA256

SHA2 certificates for legacy qual

certificates.cds.utexas.edu

Retired Certificate Authorities 

The retired Certificate Authorities are no longer active and the associated CRLs cannot be accessed by clients.

Server

Domain

CA Name

DFS Group

Key Length

Hash

Purpose

Public URL

ca-ext-p01

austin.utexas.edu

Austin External 2015

n/a

2048

SHA256

External SHA2 certificates

self

ca02

austin.utexas.edu

austin.utexas.edu External Certificate Authority

n/a

2048

SHA1

External certificates

self

ca03

austin.utexas.edu

Austin Root Certificate Authority

n/a

2048

SHA1

Root certificate only

self

ca04

austin.utexas.edu

Austin Subordinate Certificate Authority

n/a

2048

SHA1

Issuer for normal certificates

self

ca05

austin.utexas.edu

Austin Disk Certificate Authority

n/a

2048

SHA1

Issuer for Austin Disk client certificates

self

ca06

austin.utexas.edu

Austin External Certificate Authority

n/a

2048

SHA1

External certificates

self