Print

Print


Upcoming Event
Category : Systems and Applications
Message : On Friday, 3/25/2011, the current SSL certificate on LDAP (ldap.utk.edu) will expire. We will be renewing the LDAP certificate. However, the SSL CA vendor Thawte has upgraded its root hierarchy to use 2048-bit RSA keys, and, as part of that upgrade, is using a new primary and intermediate root certificate chain.

If you have applications using LDAP for authentication, you may need to import 2 new Thawte CA certificates into your application's certificate store. You can download these CA certs from the vendor site:

https://search.thawte.com/support/ssl-digital-certificates/index?page=content&actp=CROSSLINK&id=AR1373

This change will not affect all applications that authenticate using SSL; it depends on the application and how it is using LDAP. Also, browsers such as Internet Explorer, Safari, Firefox and Chrome have already been updated with the new chain, so it's possible that your application already has the new certs installed as well. If you are an application developer who would like to test your application before installing new CA certificates, an LDAP server (ldaps://ldapdev.usg.utk.edu:636) with the renewed certificate is available for testing.
 
Please contact the OIT HelpDesk at 974-9900 if you need assistance or further information.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
To join/leave the list or browse past event notifications, please see
http://listserv.utk.edu/archives/oitevents.html

For information and support, please contact:

OIT HelpDesk  (865) 974-9900