Which certificates do I need?¶
In most browsers, you probably only need to “Browser Import” the Root certificate (trusting it to sign web certificates) into the Trusted Roots section of your certificate store and you’ll then be able to access websites whose certificates are signed by our eScience CAs.
RPM Package installs for these certificates are avaliable from the EUGridPMA repository
IGTF-accredited UK eScience CA Certificates¶
Frequently Asked Questions¶
Q: What are the SHA-1 fingerprints?
These can be used to prove that the certificate you have received is the correct one. Note that you also have to trust the source of the fingerprint which is why they should be provided on different servers. The example below shows that the two eScience Root CA files are for the same certificate
$ # openssl v1.X.Y $ openssl x509 -in 7ed47087.0 -noout -fingerprint -sha1 SHA1 Fingerprint=A1:39:B0:F3:04:6C:0B:F9:F5:0A:1B:33:00:06:4F:83:6B:7D:4F:3E