View Current

Procurement of SSL and End User Certificates Procedures

This is the current version of this document. To view historic versions, click the link in the document's navigation bar.

Section 1 - Overview

(1) This Procedure ensures adequate separation of duties with respect to the procurement, issuing and management of University SSL and End User certificates.

Top of Page

Section 2 -  Scope

(2) This Procedure applies to all University Representatives and relates to the procurement of University SSL and End User Certificates.

Top of Page

Section 3 - Procedure

General

(3)  A certificate must not be requested and approved by the same individual.

(4) The party responsible for installing the certificate determines the area responsible for managing the certificate procurement:

  1. If the certificate is to be installed by the ITD Cloud Infrastructure Services Group (CISG), CISG will manage the certificate procurement.
  2. If the certificate is not to be installed by CISG, ITD Information Services will manage the certificate procurement.
  3. If the certificate is to be installed by a Vendor or other UNE department or entity, the Vendor or other UNE department or entity will submit a request to servicedesk@une.edu.au, which will initiate the following actions:
    1. IT Service Desk will assign the request to the Information Services queue; and
    2. Information Services will manage the certificate procurement.

(5) The private key associated with a certificate must be unique. Using the same private key for different certificates is prohibited. However, it is acceptable to re-use an existing private key for a certificate when renewing that certificate.

(6) The term of certificates will be three years unless the request is for a certificate requested by a Vendor or other UNE department or entity whereby the certificate request will be made for the term of one year.

Authority and Compliance

(7) The Procedure Administrator makes these procedures.

(8) University Representatives must observe these Procedures in relation to University matters.

(9) This procedure operates as and from the Effective Date. 

(10) Previous procedures relating to the Procurement of SSL and End User Certificates are replaced and have no further operation from the Effective Date of this new Procedure.

Top of Page

Section 4 - Definitions

(11) Effective Date is the date on which these Procedures will take effect.

(12) Procedure Administrator is the Director Information Technologyâ€<.

(13) Effective Date means  the day on which the Procedure is published or on such later day as may be specified in the Procedure.

(14) University Representative means a University employee (casual, fixed term and permanent) contractor, agent, appointee, UNE Council member, adjunct, visiting academic and any other person engaged by the University to undertake some activity for or on behalf of the University.  It includes corporations and other bodies falling into one or more of these categories.