Main Nav

Enhancement to InCommon Client Certificate Service

According to InCommon, effective today, the cap on the number of valid client (personal) certificates per unique e-mail address has been eliminated for all subscribers to the InCommon Certificate Service.

Since the deployment of client certificates, community discussions have identified some scenarios where having three or more client certificates per e-mail address might be useful. InCommon and their partner, Comodo, agreed and have made available unlimited client certificates per e-mail address. Normally, most certificate authorities will only allow you to have one valid client certificate per unique e-mail address.

Previously, the InCommon Certificate Service has allowed subscribers to receive up to two certificates per unique e-mail address. This flexibility has made it possible for sites to issue an escrowed encryption key, while also issuing the user a non-escrowed and non-repudiable digital signing key, as required by state law in some jurisdictions. Under this old scenario, however, an attempt to request a third certificate for that same e-mail address would be denied.

A few anticipated questions are addressed in an FAQ. If you have other questions, please e-mail

The InCommon Certificate Service provides unlimited SSL, personal signing (e.g. client), extended validation, encryption, and code signing certificates for one annual fee. This includes certificates for all domains owned by an institution of higher education.