Site Menu
Recent News
The Compensating Controls & Exceptions Form is up
Here are the Compensating Controls & Exception process submision forms for the UCSS.
GeoTrust SSL Certificate Purchasing Explained
Instructions on how to order SSL Certificates through GeoTrust can be found on this page
Security Boot Camp outline up for comment
The CIO Security Group is developing an "Information Security Boot Camp" program that will be taught later this year. Comment on the proposed outline is encouraged during development. Check out the basic outline here
Check the Blackhole List
To see the current Blackhole listing click here
Report an Incident
To report a security breach or other security incident send an email to Security@osu.edu
SSL Certificates
The CIO Security Group continues its arrangements with GeoTrust for SSL certificates. The primary advantage to this arrangement is that we have already gone through the hoops to permit local approval, so that ordering and issuing the certificate usually take place the same day (and often in a matter of minutes or hours). Here are some general informational points:
- The GeoTrust certificates cost $105 per year.
- This is not a mandatory program; units are allowed to purchase from any retailer but CIO Security offers this as a cost saving option with a reputable reseller that we have vetted.
- We can only issue certificates in the osu.edu and ohio-state.edu domains.
- For the moment, only one year terms are permissible - if you select a term other than one year, we won't be able to approve the certificate request. CIO Security is working with purchasing regarding 'forward purchasing' certificates with multi-year terms.
If you would like more information, please contact the CIO Security group at security@osu.edu
Ordering a Geotrust SSL Certificates
The process:
- Send an email to security@osu.edu indicating that you will be ordering a certificate or certificates.
- Have your fiscal representative send an 100W to the OIT fiscal group via fax or internal mail. Questions regarding the content of the 100W should be directed to Sandra Bell (bell.597@osu.edu, 292-1073 Fax:292-9350).
- Go to https://products.geotrust.com/orders/essl/essl.do?ref=269433THE84500, to complete this step, you will need to generate a CSR (Certificate Signing Request) on the GeoTrust website and information about the server for which you are ordering the certificate.
- You will also be asked for technical, billing and administrative information.
- You or someone in your group must be listed as the technical contact.
- Sandra Bell (bell.597@osu.edu, 292-1073 Fax: 292-9350) must be listed as the billing contract.
- You will also be asked for technical, billing and administrative information.
The CIO IT Security Group must be listed the administrative contact (security@osu.edu, 292-1302)
- When you successfully complete the application, GeoTrust sends CIO Security an e-mail indicating that the application is awaiting approval. Assuming that everything is correct, and that CIO IT Security have received notification of receipt or action on your 100W from OIT fiscal, the application will be approved. GeoTrust then sends the certificate to you in e-mail.
PLEASE be sure that you have listed yourself as the technical contact, and that your e-mail address is entered correctly.
Provided all steps are completed properly we expect that the certificate issue process should take no more than 1 working day. There may be other factors which could delay fulfillment so make sure to allot necessary time into your roll-out or renewal schedule to allow for this. Should you not receive a certificate please contact security@osu.edu and we will work to resolve any issues.
