These pages are produced and maintained by the ITS CSOL Certificates Team. If you have any questions, please send an email to .

Certificate Users: There are some changing happening behind the scenes regarding the “Sectigo Public Root CAs Migration”. To ensure that you certificates continue work moving forward, please contact your department technical contact to ensure they are aware of the migration happening between March 1 through June 2, 2025.

Certificate Administrators: The Sectigo Public Root CAs migration will affect S/MIME (email certificates), Extended Validation (EV), Organization Validation (OV), and Domain Validation (DV) certificates. In most configurations this should be transparent, however, in due-diligence, ensure that there are no static or persistent installations of the Sectigo Public Root CAs. If so, those certificates will need to be updated and maybe again in the future; so an automated solution maybe prudent.

Please read the following web article: https://cloud.wikis.utexas.edu/wiki/spaces/digitalcertificates/pages/276660479

What is a Digital Certificate?

In the broadest terms, a digital certificate is block of cryptographic text that is used in many functions such as securing data transport or ensuring the identity or authenticity of sender or provider of information. Digital Certificates come a variety to support various functions. The most popular or well known types are:

Certificate Type	Description / Explanation

Certificate Type

Description / Explanation

SSL or Secure Socket Layer and TLS (Transport Layer Security) certificates come in a private and public key pair. With this combination of keys, a web browser (client) that connects to a server can:

Authenticate the identity of the server (a website, a domain name, server name or host name)
Encrypts the data in transit between client and server.

In web browsers, an established encrypted/secure connection will present as a padlock in the URL bar of the browser along with starting string of "https://".

Renewing Certificates

Looking to renew a certificate or update an existing one to extend it or make changes? Take a look here.

Client Certificates or Digital IDs are used to identify one user to another, a user to a machine, or a machine to another machine. One common example is digitally signing emails, where the sender digitally signs the communication, and the recipient verifies the signature. Client certificates authenticates the sender and the recipient.

Client certificates also take the form of two-factor authentication when the user needs to access a protected database or arrives at the gateway to a payment portal, where they’ll be expected to enter their passwords and be subjected to further verification.

Code Signing Certificates are used to digitally sign software or files that are downloaded over the internet. The files are signed by the developer/publisher of the software. Their purpose is to guarantee that the software or file is genuine and comes from the publisher it claims to belong. They’re especially useful for publishers who distribute their software for download through third-party sites. Code signing certificates also act as a proof that the file hasn’t been tampered with since download.

Information, Knowledge, and Technical Articles
What to know more? Want to get into the specifics of certificates, cryptography, and security? This section is the library or knowledge base of information.

Page Index