VT PKI - Certificate Chains


Introduction

Table of Contents

Best Practices

Please find the recommended best practices for maintaining (Web) server certificates for systems and software at Virginia Tech:

https://middleware.vt.edu/certs/practices.html

Certificate Chains

InCommon TLS Server CA

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New
Jersey, C=US
 
CRL: http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl
 
SHA256 Fingerprint: E7:93:C9:B0:2F:D8:AA:13:E2:1C:31:22:8A:CC:B0:81:19:64:3B:74:9C:89:89:64:B1:74:6D:46:C3:D4:CB:D2
 
CN=InCommon ECC Server CA 2,O=Internet2,C=US

CRL: http://crl.sectigo.com/InCommonECCServerCA2.crl
 
SHA1 Fingerprint: 9B:B6:89:A8:86:48:11:90:CF:47:F0:F4:77:AF:6F:9A:4E:18:24:09
SHA256 Fingerprint: B7:8D:8E:B3:47:F8:A6:77:7E:BF:9F:D2:3B:83:80:0A:BC:88:CD:B3:CF:1B:40:70:6B:11:B0:5F:1F:A0:6F:BC

Full chain download: Download as PEM
 
CN=InCommon ECC Server CA,O=Internet2,C=US

CRL: http://crl.sectigo.com/InCommonECCServerCA.crl
 
SHA1 Fingerprint: 97:E5:CB:41:3C:E7:05:A0:DB:18:82:F2:CB:C8:22:D2:67:10:F6:7B
SHA256 Fingerprint: BD:B7:AA:28:F1:64:E4:BC:15:D6:92:07:33:B2:23:ED:98:E5:52:20:A3:E5:6F:3B:1E:CF:D0:4E:87:D3:0B:71

Full chain download: Download as PEM
 
CN=InCommon RSA Server CA 2,O=Internet2,C=US

CRL: http://crl.incommon-rsa.org/InCommonRSAServerCA2.crl

SHA256 Fingerprint: 87:E0:1C:C4:DD:0C:9D:92:A3:DB:D4:90:92:FF:13:F9:CD:38:74:45:CD:C5:7E:5B:98:4E:1B:77:21:B5:B0:29

Full chain download: Download as PEM
 
CN=InCommon RSA Server CA,OU=InCommon,O=Internet2,L=Ann Arbor,ST=MI,C=US
 
CRL: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl
 
SHA256 Fingerprint: 0A:05:C4:62:75:63:90:DD:1F:1D:5D:D8:27:94:C3:00:F0:4B:E7:89:DC:E7:6D:7E:31:2F:79:0D:68:FD:38:5A
 
Full chain download: Download as PEM

InCommon Personal Digital Certificate (PDC) CA

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New
Jersey, C=US
 
CRL: http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl
 
CA certificate: https://www.pki.vt.edu/USERTrustRSACertificationAuthority.pem
 
SHA256 Fingerprint: E7:93:C9:B0:2F:D8:AA:13:E2:1C:31:22:8A:CC:B0:81:19:64:3B:74:9C:89:89:64:B1:74:6D:46:C3:D4:CB:D2
 
C=GB, O=Sectigo Limited, CN=Sectigo Public Email Protection Root R46
 
CRL: http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl
 
CA certificate: https://www.pki.vt.edu/Sectigo_Public_Email_Protection_Root_R46.pem
 
SHA256 Fingerprint=BC:38:6A:5C:66:4B:6B:0B:5E:38:5F:AC:15:1A:A3:91:16:06:17:83:59:DE:D6:8A:E5:01:7D:E9:85:E7:8B:94
 
 
C=US, O=Internet2, CN=InCommon RSA Secure Email CA 3
 
CRL: http://crl.sectigo.com/SectigoPublicEmailProtectionRootR46.crl
 
CA certificate: https://www.pki.vt.edu/InCommon_RSA_Secure_Email_CA_3.pem
 
SHA256 Fingerprint=94:A3:CF:64:53:71:34:D8:25:36:45:09:9C:89:2F:42:EF:A9:E2:38:F4:0F:E0:EF:0D:C4:E5:21:E0:9D:57:56
 

InCommon Personal Digital Certificate (PDC) CA (Old)

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New
Jersey, C=US
 
CRL: http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl
 
CA certificate: https://www.pki.vt.edu/USERTrustRSACertificationAuthority.pem
 
SHA256 Fingerprint: E7:93:C9:B0:2F:D8:AA:13:E2:1C:31:22:8A:CC:B0:81:19:64:3B:74:9C:89:89:64:B1:74:6D:46:C3:D4:CB:D2
 
 
C=US, C=US, O=Internet2, CN=InCommon RSA Standard Assurance Client CA 2
 
CRL: http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl
 
CA certificate: https://www.pki.vt.edu/InCommon_RSA_Standard_Assurance_Client_CA_2.pem
 
SHA256 Fingerprint=AE:0F:96:32:B0:69:A4:10:94:F1:0F:FF:F9:DA:6D:E7:68:65:A5:5B:68:DC:96:4E:7C:90:FC:74:93:EF:FE:5E
 

Middleware Root CA (New)

CN = Middleware Root,OU = Middleware,O = Virginia Tech

CA certificate: Download as PEM

SHA256 Fingerprint: 3F:55:B3:34:99:59:EF:83:74:A6:EE:EA:DF:E7:E1:F7:47:3A:B6:29:59:F8:3F:F7:28:F3:16:6C:31:AD:12:AC

MD5 Fingerprint: DD:EF:9E:AF:EA:7F:09:C6:FF:2C:E7:AD:47:06:15:3C

Virginia Tech Root CA (For Old Middleware Client CA)

CN=Virginia Tech Root CA,O=Virginia Tech Root CA,L=Blacksburg,ST=Virginia,C=US

CA certificate: Download as PEM

SHA256 Fingerprint: CF:A6:4C:FD:C7:60:5A:BF:22:C1:CF:D9:8A:E3:19:B8:88:32:65:09:36:F9:FC:55:BB:69:32:B5:E7:CD:9A:50

Virginia Tech Middleware CA (Old)

CN=Virginia Tech Middleware CA,O=Virginia Polytechnic Institute and State University,DC=vt,DC=edu,C=US

CA certificate: Download as PEM

SHA256 Fingerprint: 6C:AE:95:F4:43:69:D5:D0:B1:B0:87:00:E6:F1:31:E7:67:75:EC:5D:00:24:AF:2C:2C:7C:44:37:97:63:17:1D