This short guide may help you understand which certificate types are available to you via Sectigo.
Type | Explanation | Order Process |
---|---|---|
GÉANT OV Certificates | Standard SSL certificates offering verified to Organisation Validation level. These can be multi-domain. | Order via your cert manager portal (https://cert-manager.com/customer/<YOURNREN>) or set up an enrollment form for users. These can also be ordered via ACME. |
GÉANT EV Certificates | Standard SSL certificates offering verified to Extended Validation level. These can be multi-domain. | Order via your cert manager portal (https://cert-manager.com/customer/<YOURNREN>) or set up an enrollment form for users. These can also be ordered via ACME. |
Wildcard Certificates | These all multiple sub-domains to be covered by one certificate. Note, these are only available as OV, it is impossibe to have an EV wildcard certificate. | Order via your cert manager portal (https://cert-manager.com/customer/<YOURNREN>) or set up an enrollment form for users. These can also be ordered via ACME. |
GÉANT Organisation email signing | These can be used to allow S/MIME for non-personal email accounts. Cannot be ordered via SAML as group accounts should not have SAML credentials. | Order via invite to the relevant email address in your cert manager instance: https://cert-manager.com/customer/<YOURNREN>. |
GÉANT Personal email signing and encryption | This is for all typical S/MIME use cases where a person needs to sign and encrypt email. Validation of the individual must be HIGH. Can ONLY be ordered via SAML as this helps us achieve the required user validation level. | Order via the SAML portal, this can be accessed at: https://cert-manager.com/customer/<YOURNREN>/idp/clientgeant/ |
Document Signing Certificates | Allows secure signing of pdfs and other appropriate document formats. Please note that normal S/MIME certificates should never be used for document signing purposes. | These can be ordered via: https://store.sectigo.com/cart.php?a=add&pid=97. There is a charge for the token that these certificates are delivered on. |
OV Code Signing Certificates | Allows developers to digitally sign applications, drivers, executables and software programs as a way for end-users to verify that the code they receive has not been altered or compromised by a third party. | These can be ordered by sending an invite from the Code Signing Certificate menu within you cert-manager portal:https://cert-manager.com/customer/<YOURNREN>. |
EV Code Signing Certificates | Allows developers to digitally sign applications, drivers, executables and software programs as a way for end-users to verify that the code they receive has not been altered or compromised by a third party. | These can be ordered via: https://store.sectigo.com/cart.php?a=add&pid=98. There is a charge for the token that these certificates are delivered on. |
GÉANT Personal Automated Authentication | Provides secure client authentication for software agents and processes running under your control, and authenticate these to e-Infrastructure services. Should ONLY be used in relevant IGTF use cases. | Order via the SAML portal, this can be accessed at: https://cert-manager.com/customer/<YOURNREN>/idp/clientgeant/ |
GÉANT Personal Authentication | Provides client authentication, enables you to authenticate you to e-Infrastructure services. Should ONLY be used in relevant IGTF use cases. | Order via the SAML portal, this can be accessed at: https://cert-manager.com/customer/<YOURNREN>/idp/clientgeant/ |
GÉANT Organisation Automated Authentication | Similar to the GÉANT Organisation email signing but for use in IGTF use cases. Replaces the old IGTF robot approach. | Order via invite to the relevant email address in your cert manager instance: https://cert-manager.com/customer/<YOURNREN>. |