View Current

Procurement of SSL and End User Certificates Procedures

This is the current version of this document. To view historic versions, click the link in the document's navigation bar.

Section 1 - Overview

(1) This Procedure ensures adequate separation of duties with respect to the procurement, issuing and management of University SSL and End User certificates.

Top of Page

Section 2 -  Scope

(2) This Procedure applies to all UNE Representatives and relates to the procurement of University SSL and End User Certificates.

Top of Page

Section 3 - Procedure

General

(3)  A certificate must not be requested and approved by the same individual.

(4) The party responsible for installing the certificate determines the area responsible for managing the certificate procurement:

  1. If the certificate is to be installed by the Technology and Digital Services (TDS) Cloud Infrastructure Services Group (CISG), CISG will manage the certificate procurement.
  2. If the certificate is not to be installed by CISG, TDS Information Services will manage the certificate procurement.
  3. If the certificate is to be installed by a Vendor or other UNE department or entity, the Vendor or other UNE department or entity will submit a request to servicedesk@une.edu.au, which will initiate the following actions:
    1. IT Service Desk will assign the request to the Information Services queue; and
    2. Information Services will manage the certificate procurement.

(5) The private key associated with a certificate must be unique. Using the same private key for different certificates is prohibited. However, it is acceptable to re-use an existing private key for a certificate when renewing that certificate.

(6) The term of certificates will be three years unless the request is for a certificate requested by a Vendor or other UNE department or entity whereby the certificate request will be made for the term of one year.

Authority and Compliance

(7) The Procedure Administrator, the Chief Information Officer,  makes these Procedures.

(8) University Representatives must observe these Procedures in relation to University matters.

(9) This Procedure operates as and from the Effective Date

(10) Previous procedures relating to the Procurement of SSL and End User Certificates are replaced and have no further operation from the Effective Date of this new Procedure.