Johns Hopkins offers free unlimited SSL certificates through its Enterprise Public Key Infrastructure (PKI) and the InCommon Certificate Service.
In July 2009, Johns Hopkins implemented an Enterprise PKI to easily and cost effectively secure internal data communication between systems, applications, etc. and to help reduce cost on the purchases of third-party certificates like GeoTrust. Certificates offered through the Enterprise PKI are automatically trusted on the Hopkins network and by systems in the Enterprise AD. The Enterprise PKI provides high assurance SSL security certificates with 2048 bit signatures for servers and clients authentication, certificate based authentication, two-factor authentication. Utilizing AD and group policy the Enterprise PKI certificates can be automatically installed on systems in the Enterprise AD and certificates can be automatically renewed when approaching expiration.
In July 2013, Johns Hopkins subscribed to the InCommon Certificate Service. The service provides the U.S. higher education community with unlimited SSL certificates at one fixed annual fee. The service currently has over 300 subscribers. For more information, see http://www.incommon.org/cert/. Certificates issued by Comodo must meet the requirements of the InCommon Certificate Service agreement between Johns Hopkins and InCommon. The certificates must be for a domain that is registered to Johns Hopkins under its non-profit charter. Certificates for dot.com domains may not be issued under this agreement. Comodo Provides high assurance SSL security with 2048 bit signatures and up to 256 encryption. Comodo root certificates are embedded in all major browsers and devices and are trusted by 99.9% of the Internet population. Comodo certificates does not replaced the Johns Hopkins Enterprise PKI issued certificates but they should be requested if there’s a requirement to allow systems, applications, etc. outside of the Enterprise AD and the Hopkins network to trust the issued certificate.
For additional information and how to request SSL certificates, refer to the navigation links on the left side menu.