Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

DRAFT DRAFT DRAFT

Responsibilities of DRAO(s)

  1. Should know how to use the InCommon CSM administrative tool for managing certificates as documented in the InCommon CA CSM RAO Admin Guide
  2. Request from the RAO only subdomains in campus DNS you should be allowed to approve certificate requests for in your department
  3. Communicate to their department the process for people to request SSL certificates (see OIT example)
  4. When new requests come in, DRAO should do ALL of the following before approving a request:
    1. Verify email address of requester is in the UCI directory, be careful of similar looking letters/numbers
    2. Verify they know the person making the request, or contact them if they don't
    3. Verify they are an "owner" of the system and that the CN is registered properly in DNS
    4. Verify there is a legitimate business need for the request
    5. Verify all required information submitted with the CSR is correct from the user
      1. Verify certificate type is proper
      2. Verify subject alternative names (if applicable) are valid
  • No labels