Instructions for acquiring the ability to sign certificate requests for xsede.org subdomains.

Domain Control Validation for xsede.org Subdomains

Sites that wish to add *.xsede.org hostnames in the Subject Alternative Name field of InCommon-issued certificates must complete Domain Control Validation. Example instructions are shown below. If these instructions do not work for you, please contact XSEDE Help Desk and report the issue you are having so these instructions can be updated accordingly.

Part 1 — Domain Request

  1. Log in to the InCommon Certificate Manager as a user with role "DRAO Admin - SSL" and Privileges "Allow DCV".
  2. Select "Settings->Domains" , "Delegations" tab.
  3. Click the "Add" button.
      In the "Create Domain" window, enter:
    1. Domain: lsu.xsede.org
    2. Description: XSEDE Hosts at LSU
    3. Click the "+" for your parent organization,
      check the box for your Department name,
      check the box for "SSL" only.
    4. Click the "OK" button.
  4. Let your RAO know that you have submitted a domain request.
  5. Wait for RAO and MRAO to approve.

Part 2 – Domain Control Validation (DCV)

  1. Log in to the InCommon Certificate Manager as a user with role "DRAO Admin - SSL" and Privileges "Allow DCV".
  2. Select "Settings->Domains" , "DCV" tab.
  3. Check the box next to the domain, click the "DCV" button.
  4. Select CNAME as the DCV method.
  5. Copy Step 1 of the instructions provided and submit a ticket to XSEDE Help Desk explaining that you are asking for Certificate Services subdomain authorization.
  6. Click the "Save" button and Close.
  7. Once the DNS entry has been created, repeat Steps 1-3, then click the "Submit" button.

Part 3 – Finish

Once the DCV validation has been completed, you will be able to sign certificate requests with the lsu.xsede.org subdomain name.

Key Points
XSEDE certificates made available by the InCommon Certificate Service.
Completing DCV enables site admins to obtain xsede.org certificates with their organization as the third-level domain.
Contact Information