Login   |    ITaP Home > Security & Privacy

Thawte SPKI (Starter Public Key Infrastructure) Program FAQ

For questions regarding the Thawte SPKI program, email thawtead@purdue.edu.

What is the Thawte SPKI program?

The SPKI program at Purdue is a centralized system for purchasing and managing Thawte SSL certificates for the purdue.edu domain. All Thawte purchases for the purdue.edu domain must go through the SPKI program. This offers a number of benefits to users and to the university as a whole. First, it allows internal verification of SSL certificate requests and centralized management of those requests. Second, bulk purchasing and administration make SSL certificates less expensive in both staff time and money. Finally, the SPKI program allows for a faster vetting process conducted by Purdue staff, speeding up the issuing of needed certificates.

Because of the transition to the SPKI program, new certificates will have to be requested rather than renewing existing certificates. Renewals at the end of the certificate's life will be standard renewals, and will once again be at a reduced price through the program.

Quick Start

Before you start:

  • Make sure you know how to generate a CSR for your operating system. Thawte provides guides for most operating systems on their website's support section.
  • Gather the information needed to make the request. See "What information do I need to request a certificate?"

Getting an SSL certificate

  1. Go to Thawte's site and generate a Thawte ID. See "How do I get a Thawte ID, and why do I need one?"
  2. Send an email to the Security and Policy group SPKI administrators (thawtead@purdue.edu) with the following information:
    1. The manager/director with whom we can confirm your identity and authority to request the certificate.
    2. The account number for us to bill for the certificate.
    3. Your Thawte ID.
  3. Once we have verified your identity and right to request, we will approve you as a technical officer (see "What is a technical officer") and you will be able to log into the Thawte SPKI website and request the certificate.
  4. Log into the Thawte SPKI website https://www.thawte.com/cgi/enterprise/contents.exe and do the following:
    1. Select "Account" on the menu to the left.
      i. Select "PURUNI256" as your SPKI account.
    1. Select "My Products" on the menu to the left.
      i. From the new menu, select "Request"
      ii. Request a new Web server certificate
      iii. Thawte provides software specific key generation instructions for most popular systems in the support section of their website. Search for the key phrase "CSR" with your web server software.
    1. Once you have finished the request process, an email will automatically be generated and sent to the IT Security and Policy group. Your certificate request will be checked, and your certificate will be approved if it is correct. You will receive notification and your certificate as soon as it is available. Remember to keep your certificate and keys backed up!

Frequently Asked Questions