End of contract Sectigo certificates

The contract with Sectigo may end sooner, so please renew SSL certificates promptly.

Dear Sir or Madam,

As you may have heard through the grapevine and other channels, our contract with Sectigo may end earlier than the agreed date at the end of April 2025. The end date is currently rumored to be January 10, 2025, and Géant/ACOnet is negotiating with new providers, but details are not yet known.

For this reason, we recommend that you renew your SSL certificates (single, multidomain or wildcard), your S/MIME certificates (and those of your colleagues if you are involved in IT administration) and any code signing certificates promptly in order to achieve the longest possible term in the event that you lose the ability to issue them. For SSL and code signing certificates, this would be 1 year from the date of issue or 2 years for S/MIME certificates.

Regarding SSL certificates, where possible, purchasing via ACME is preferred (automated renewal of server certificates using a small application on the server, e.g. certbot, available for all operating systems), then in an emergency it is relatively easy to switch to another certificate provider (e.g. LetsEncrypt). This requires an ACME account, which we can set up quickly on request (informal email from an IT contact person to security@tuwien.ac.at stating the subdomain/hosts for which you need this account).

Users of the Secure Gateway (automatic signing/encryption of emails when leaving the upTUdate world) do not need to take any action, here the certificates are issued centrally by us.

We will keep you informed of further developments in this matter.

If you have any questions, please contact us, preferably via ticket/email to help@it.tuwien.ac.at.


Kind regards

Campus IT Security