Current Certificate Authorities
The current Certificate Authorities
...
Server Configuration
The following are the Certificate Authorities registered with the Austin Active Directory and the assocated test domainsare the preferred CA for internal certificates in the respective environments:
Server | Domain | CA Name | DFS Group | Key Length | Hash | Purpose | Public URL |
|---|---|---|---|---|---|---|---|
aad-cart-p01 | n/a | Austin-CA-Root-2022 | n/a | 4096 | SHA384 | offline root CA for all issuing CAs | certificates.austin.utexas.edu |
aad-case-p01 | austin.utexas.edu | Austin-CA-Prod-2022 | AAD-PKI | 4096 | SHA384 | issuing CA for prod | certificates.austin.utexas.edu |
aad-case-q01 | adqual.utexas.edu | Austin-CA-Qual-2022 | AAD-PKI | 4096 | SHA384 | issuing CA for qual | certificates.adqual.utexas.edu |
aad-case-t01 | adtest.utexas.edu | Austin-CA-Test-2022 | AAD-PKI | 4096 | SHA384 | issuing CA for test | certificates.adtest.utexas.edu |
Deprecated Certificate Authorities
The deprecated Certificate Authorities are still active but no longer the preferred CA for the respective environment:
Server | Domain | CA Name | DFS Group | Key Length | Hash |
|---|
Purpose | Public |
|---|
URL |
|---|
aad-ca |
-p01 | austin.utexas.edu | Austin-CA-2016-Prod | AUSTIN-PKI | 2048 | SHA256 |
SHA2 certificates for prod | certificates.austin.utexas.edu |
aad-ca- |
q01 |
adqual.utexas.edu | Austin-CA- |
2018-Qual |
ADQUAL-PKI | 2048 | SHA256 |
SHA2 certificates for qual | certificates. |
adqual.utexas.edu |
aad-ca- |
t01 | adtest.utexas.edu | Austin-CA-2016-Test | ADTEST-PKI | 2048 | SHA256 |
SHA2 certificates for test | certificates.adtest.utexas.edu |
aad-ca- |
c01 |
cds.utexas.edu | Austin-CA- |
2016-Qual |
CDS-PKI | 2048 | SHA256 |
SHA2 certificates for |
legacy qual | certificates. |
cds.utexas.edu |
Retired Certificate Authorities
The following are the retired Certificate Authorities that are no longer in production useactive and the associated CRLs cannot be accessed by clients.
...
Server | Domain | CA Name | DFS Group | Key Length | Hash |
|---|
Purpose | Public |
|---|
URL | |||||
|---|---|---|---|---|---|
ca-ext-p01 | austin.utexas.edu | Austin External 2015 | n/a | 2048 | SHA256 |
External SHA2 certificates | self | ||||
ca02 | austin.utexas.edu | austin.utexas.edu External Certificate Authority | n/a | 2048 | SHA1 |
External certificates | self | ||||
ca03 | austin.utexas.edu | Austin Root Certificate Authority | n/a | 2048 | SHA1 |
Root certificate only | self | ||||
ca04 | austin.utexas.edu | Austin Subordinate Certificate Authority | n/a | 2048 | SHA1 |
Issuer for normal certificates | self | ||||
ca05 | austin.utexas.edu | Austin Disk Certificate Authority | n/a | 2048 | SHA1 |
Issuer for Austin Disk client certificates | self | ||||
ca06 | austin.utexas.edu | Austin External Certificate Authority | n/a | 2048 | SHA1 |
External certificates | self |
Assigned Certificate Templates
...
Naming Conventions
Active (2020 to current)
Austin CAs should confirm to the following naming conventions:
Austin CA <environment> <year> (<version>)
- The environment should be set to Prod, Qual, Test
- The version should be populated when a new CA is required with the same year and function as an existing CA
- Examples:
- Austin-CA-Prod-2020
- Austin-CA-Qual-2020
- Austin-CA-Qual-2020-v2
Previous (prior to 2020)
Austin CAs should confirm to the following naming conventions:
...