Download the complete service offering doc format of certificate_management_services_definition.doc

 

 

1. Description of Service

The Information Technology Division (ITD) provides reliable and secure centrally managed SSL Certificate Management. ITD purchases a block of 128 bit, 1 year validity period SSL server certificates from VeriSign. The customer's security administrator generates a certificate request and uses the VeriSign/Commonwealth Certificate Enrollment portal to request a certificate. The security administrator receives the certificate via email.

Secure Sockets Layer (SSL) technology protects a website and makes it easy for website visitors to trust the site in three essential ways:

  • An SSL Certificate enables encryption of sensitive information during online transactions
  • Each SSL Certificate contains unique, authenticated information about the certificate owner
  • A Certificate Authority verifies the identity of the certificate owner when it is issued
This service includes:
  • Approve the issuance of a new certificate
  • Change a certificate's challenge phrase and/or administrator's email address
  • Revoke a certificate
  • Reissue a certificate
  • Two levels of certificates: standard 40bit and premium 128bit
Support services include:

 

 

2. Service Targets/Hours of Availability

Service Requirement

Description

Incident Management *ITD Service Management Office has standard processes to manage incidents, requests, or changes.
Outages or urgent issues should be reported by phone to receive the quickest response 1-866-888-2808.
Request FulfillmentStaff will respond to service requests 6:00 am - 5:00 pm Monday through Friday.

 

 

 

3. Service Reporting

The following reporting information is provided to customers as part of this service:

Report

Description

Reporting Interval

Notice of ExpirationEmail is sent to email address(es) entered during the enrollment process.30 and 7 days prior to expiration

 

 

 

4. Service Requests

COMiT Service Requests* DescriptionLead Time-Business Days
Request New SSL CertificateThis is to request a new SSL Certificate. SSL certificates can be for one, two, three, or four years. ITD purchases SSL certificates from VeriSign. Agencies requiring a new certificate will be directed to a VeriSign website dedicated to the Commonwealth to request a certificate. Only the agency security administrator can manage these certificates.

5 Days**
Renew an Existing SSL Certificate

This request is to renew an existing SSL certificate that is expiring. ITD purchases SSL certificates from VeriSign. Agencies renewing a certificate will be directed to a VeriSign website dedicated to the Commonwealth. Only the agency security administrator can manage these certificates.

 

 


5 Days**

Submit an Issue with Current SSL Certificate ServiceThis request is for assistance with a SSL certificate issue. ITD purchases SSL certificates from VeriSign. Agencies having issues with a certificate will be directed to a VeriSign website dedicated to the Commonwealth. Only the agency security administrator can manage these certificates.  


5 Days

**When a customer requests a new or renewed certificate, a BAR (Business Application Request) listing certificate costs must be approved and processed before the service request can be completed.

*For new service requests only. To manage existing requests, please log into COMiT.

 

 

 

5. Customer Responsibilities

The customer will submit requests for certificates through the Verisign/Commonwealth Certificate Enrollment portal and notify ITD when a certificate should be revoked.

For your convenience, you may view a detailed list of customer responsibilities doc format of certificate_management_services_definition.doc .

 

 

 

6. Chargeback Rate Information

For more information on Chargeback, including an overview of the program as well as current and previous fiscal year rates, please visit our Chargeback Services webpage.

Costs for certificates are charged directly to customers. Maximum costs for a standard certificate is $221.19 and a premium certificate is $542. ITD purchases certificates in bulk in order to obtain the lowest cost at the time of purchase, therefore, final costs to customers may be lower.

 


Reviewed April 23, 2014
Updated April 16, 2014
Published August 14, 2009
Created April 6, 2009: Information provided by the Security Office