[Skip navigation links]

AusCERT CS Certificate Types and Use Cases

The AusCERT CS provides access to the following certificate types.  We have identified differences and similarities between the two service providers that are currently in operation in 2014.  


SSL/TLS certficate are used for web servers or other hosts. It allows for mutual authentication by client and server. More typical implementations provide server authentication, by allowing a client to verify the authenticity of the server.

In addition, it provides confidentiality and integrity of the data sent in transit, through cryptographic mechanisms.

SSL certificates should be used where ever there is sensitive data that needs to be sent over an insecure nework (where confidentiality is required); and/or where there is a risk that the data may be modified in transit (integrity protection); and/or to prevent client hosts or other relying parties from being fooled to exchanging sensitive information with a fraudulent party that impersonates the legitimate server.

Standard SSL/TLS Certificate

A standard SSL/TLS certficate is normally used to secure a single web site. When selecting a standard SSL certificate within the CSM, the common name (CN) must be a FQDN. The certificate issued may include a subject alternate name (SAN) if the CN does not begin with www. Note: If a standard AusCERT SSL Certificate is selected,any SAN entries in the supplied CSR will ignored.

If using Quovadis Trustlkink, if you require only a standard SSL certificate for one domain, then select the QV Business SSL 10 SAN - for up to 10 SAN fields and leave the other fields blank.

Wildcard SSL/TLS Certificate

Wildcard SSL/TLS certficates can be used to used to secure any number of sub-domains (host names), without needing to specify each one. A wildcard certificate will also match the base domain.

An example of a wildcard match is as follows:

  • *.example.edu.au will match:
  • example.edu.au
  • business.example.edu.au
  • chem.example.edu.au

but not any of the following:

  • www.business.example.edu.au
  • www.chem.example.edu.au

QV Business Wildcard G2 is available through QV TrustLink.

Multi-domain SSL/TLS Certificate

A multi domain certificate (MDC) is normally used to secure a group of specific web sites. A combination of fully qualified domain names (FQDN) may be specified in an MDC.  QuoVadis and Comodo do not support inclusion of a wildcard domain within the SAN.  The SAN entries may contain email addresses, IP addresses, hostnames, etc. A public IP address can be used in the CN field (not just the SAN field). The following SSL/TLS certificates are offered through the TrustLink provided by QuoVadis:

  • QV Business SSL 10 SAN - for up to 10 SAN fields
  • QV Business SSL 20 SAN - for up to 20 SAN fields
  • QV Business SSL 50 SAN - for up to 50 SAN fields.

If you require up to 100 SANS, then this can be arranged manually by sending a request to Quovadis: au.support@quovadisglobal.com

Note that when including a public IP address in the SAN, you must add and obtain approval for each SAN entry in addition to the CN. For the verification of public IP addresses in Comodo SSL certificates, refer to the verification procedures. For the verification of public IP addresses in QuoVadis SSL certificates, refer to the QV verification procedures.   Please also note that systems using IE will not be able to connect to systems with IP address SANs. Firefox and Chrome are unaffected.

When ordering a multi-domain SSL certificate from the CSM, select AusCERT Multi Domain SSL from the drop-down menu.

When ordering an SSL certificate through QV TrustLink, select the appropriate SAN size for your requirements.

SGC Certificates

A server gated cryptography (SGC) certificate upgrades the encryption capabilities of older browsers from 40-bit encryption into full 128 or 256-bit encryption. This means your web site protects and is trusted by the highest number of internet users possible, even those using older versions of Windows and Internet Explorer.

These are not available through QuoVadis TrustLink due to security reasons.

UC Certificates (Microsoft Exchange)

Unified communications certificates (UCC) are used with Microsoft Exchange and are similar to MDC, but also include uses for telephony and other communications. SAN entries may contain email addresses, IP addresses, hostnames, etc. For more details, download Comodo 2048 bit SSL certificates.

For QuoVadis TrustLink, select one of the multi-domain certificates instead, which can be used for UCC.

Intranet SSL/TLS Certificates

Intranet certificates are suitable for internal network servers and hosts. Their use is limited to private ranges of IP addresses and names (non-FQDN). Example:


For more information about what host names and addresses are permissible for use in an Intranet environment, refer to the Comodo guide of acceptable internal domain names.

Please note that SSL certificates for internal server names and private, non-routable IP addresses will become deprecated. Therefore, it may be best to avoid requesting these certificates in future. See the CA/B Forum Guidelines on this topic. The use of these certificates will be eliminated by October 2016; and CAs will not be able to issue certificates of this type with an expiry date later than 1 November 2015. From 1 October 2016, CAs will REVOKE all non-expired certificates of this type.

This applies to all Certificate Authorities, including QuoVadis.

EV SSL/TLS Certificates

Extended validation (EV) certificates provide higher levels of assurance to relying parties that the organisation that appears in the certificate owns the specified domain. EV SSL certificates, where valid turn the address bar green; or red when invalid to provide additional visual clues to the relying party as to whether the certificate can or should be trusted.  It is not possible to include wildcards in the SAN.

EV SSL certificates can be used for financial transactions.

For QuoVadis TrustLink, the following EVSSL certificate types are available:

  • EVSSL 10 SAN G2 - for up to 10 SAN fields
  • EVSSL 20 SAN G2 - for up to 20 SAN fields

For more details, see the EV-SSL FAQ.

IGTF Accredited Grid host certificates

These are only available through QuoVadis TrustLink. If they are not enabled for your organisation, contact AusCERT.