UMCPCA Inter Cert (OIT)

Root Authority Certificate

College Park Certificate Authority

About the Campus Intermediate Certificate

This URL is embedded into the Intermediate Certificate, which is part of the Certificate Chain for all Certificate Authorities at the University of Maryland at College Park.

This Intermediate certificate was generated at the Keysigning Ceremony on Friday, June 6, 2003. It replaces the April 14, 2003 intermediate certificate, which in turn replaced the February 24, 2003 intermediate certificate.

Some time after February 24, when the original certificates were generated, it was discovered that Internet Explorer imposes a strict nesting requirement on the expiration dates of the certificates in the chain. On April 14 new versions of the intermediate and server signing certificates, containing expiration dates that comport with Internet Explorer's requirements, were installed.

Later it was discovered that the Novell eDirectory server (a component of the new campus eMail system) cannot tolerate certificates using the new DC based naming scheme. On June 6 all certificates were rebuilt with Distinguished Name fields not containing DC or EMAIL components.

As with all Certificates, it can be listed using the x509 option of the OpenSSL program:

% openssl x509 -noout -text -in inter.cert.pem

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, ST=Maryland, O=University of Maryland, OU=College Park Campus, CN=UMD College Park Root v1
        Validity
            Not Before: Jun 21 19:52:36 2006 GMT
            Not After : Jun 21 19:52:36 2036 GMT
        Subject: C=US, ST=Maryland, O=University of Maryland, OU=College Park Campus, CN=UMD College Park Intermediate v1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
                    00:95:24:fc:46:86:e3:0e:20:1a:8d:f1:ca:21:ef:
                    0f:dd:c8:d6:5d:b6:f3:f2:23:d1:25:84:f6:dc:11:
                    8f:fe:0f:10:a0:55:e9:d5:b4:91:b4:0d:1a:a2:11:
                    f5:f2:c8:28:4a:23:62:de:e1:85:56:1a:69:40:c2:
                    94:ed:2f:e0:7c:0c:89:e2:6f:a8:87:09:18:62:50:
                    c2:c8:ac:1b:30:58:0d:d2:c9:57:78:5b:d1:79:2f:
                    d5:fc:aa:cf:ae:ec:cb:17:e6:29:a6:c7:a8:b2:41:
                    d9:0f:3c:c9:f9:f7:90:d1:c0:87:da:bd:5f:a0:65:
                    27:3d:14:ea:39:e8:93:5d:1c:12:49:ec:b6:b1:91:
                    34:76:19:55:f7:dc:15:c1:08:b9:ff:99:4a:8d:7b:
                    54:30:c6:89:98:17:a9:b8:c0:21:15:eb:c8:2e:ec:
                    63:d5:8a:07:10:c4:be:1c:c3:f2:e6:a2:66:24:7f:
                    d3:7e:8a:64:0d:31:a0:ef:97:03:c3:57:80:03:ca:
                    f6:15:52:d0:91:f3:9f:21:16:d3:cf:e2:07:cc:71:
                    2a:75:33:4d:f9:4d:9f:cc:46:32:6e:67:70:92:18:
                    9f:ac:ca:9a:ad:55:5f:69:ae:c8:ed:b1:01:7b:53:
                    34:e0:e4:b9:f9:1d:41:af:fd:26:84:e5:2f:3b:d0:
                    f0:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Alternative Name: 
                DNS:umd.edu, email:certmaster@umd.edu
            X509v3 Issuer Alternative Name: 
                DNS:umd.edu, email:certmaster@umd.edu
            X509v3 Subject Key Identifier: 
                66:D1:EF:DA:4E:FB:C8:C9:F2:09:93:B0:B8:61:46:E6:41:99:DB:7D
            X509v3 Authority Key Identifier: 
                keyid:04:F5:C3:23:20:78:07:60:B9:E1:17:CE:31:C8:7C:3E:96:49:2F:30

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: 
                Certificate Sign, CRL Sign
            Netscape Cert Type: 
                SSL CA, S/MIME CA, Object Signing CA
            Netscape Comment: 
                See http://cert.umd.edu/inter for details.
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4305.1.2.1
                  CPS: http://cert.umd.edu/certpolicy

    Signature Algorithm: sha1WithRSAEncryption
        77:56:77:e4:3b:0c:6a:d2:98:d0:34:9f:fc:74:0b:4f:1c:07:
        73:11:f7:01:cb:e6:fa:53:7e:69:3a:3b:80:24:83:f6:07:ac:
        4a:5f:8f:23:d2:74:c7:2c:5f:f6:28:77:27:35:95:82:f0:f3:
        57:e5:e8:f4:5b:c1:91:c6:98:bf:04:fb:9b:58:f8:c6:f9:3d:
        df:cf:39:31:7c:d9:68:59:b9:08:e9:94:c5:e4:f0:38:d1:9c:
        a5:86:a4:48:4a:8d:94:e6:5d:3c:bc:47:e3:b8:cd:32:f5:6c:
        2c:7e:23:fd:81:05:e4:73:88:06:33:09:50:00:11:3a:ac:c9:
        44:49:1f:15:d9:93:c7:c5:0f:f8:ca:ab:75:ea:0d:0a:3e:e2:
        70:61:83:cf:4f:58:d7:60:6f:69:e6:44:4d:64:85:e7:a9:b6:
        69:29:66:73:1e:e2:41:c6:cf:a7:24:ea:6a:7e:57:43:a2:02:
        d7:b5:22:f3:88:48:d9:48:7d:a3:7f:4a:ad:48:a4:14:2b:bf:
        23:aa:97:b8:c4:35:d5:43:f1:50:c3:c7:ba:77:b9:6a:2a:9e:
        19:db:12:8e:72:b2:2f:5b:a2:8b:72:28:42:0e:73:73:21:cd:
        2e:d0:bb:bf:b1:5d:d6:f9:5b:e7:d5:2d:58:79:8b:8a:ef:67:
        b9:12:56:d2

This 2048-bit certificate was signed by the Campus Root Certificate and its purpose is marked by the X509v3 Basic Constraints and X509v3 Key Usage fields as signing other certificates and Certificate Revocation Lists (CRLs).

This certificate is installed in the Web Server software (e.g., Apache) which presents it to the Relying Party software in the client.

The intermediate certificate in PEM text format: