A new version of the CERN-CA-certs package is available in the QA environment.
The new package removes the older certificates of the CERN Certification Authority. Please make sure to test your services and software with the new package.
Full details are available on the SSB entry: OTG0077330.

Skip Navigation Links.

CERN Host Certificates

CERN Host certificates are digital certificates that can be used in all cases where a machine certificate is required (e.g. for a web server), but cannot be used for Grid authentication, and are not trusted by Grid software.

CERN Host certificates have, however, other advantages:

  • The certificate validity is 2 years, instead of one.
  • Machines can be configured to autoenroll these certificates, i.e. to request and renew them automatically (Windows only).

Who can request a CERN Host Certificate

In order to request a CERN Host Certificate a user must:

  • Have a valid user certificate released by the CERN Grid Certification Autority.
  • Be authenticated using the user certificate.

A user will be able to request certificates ONLY for hosts registered in LanDB (https://network.cern.ch) where he is defined as Responsible or Main user. If the Host's declared Responsible or Main User is a mailing list, the user must be member of this mailing list.

About certificates autoenrollment

A machine configured for certificates autoenrollment will request and renew its host certificate automatically.

For more informations, see Certificates Autoenrollment

Created: 3/10/2020
Last reviewed: 5/2/2022
Send the page Send  |  Printable version Print