InCommon Certificate Service Transition from Sectigo to CertiNext

As website security requirements continue to evolve, OIT is working to improve how website certificates are renewed and maintained across campus, as their lifespans will gradually and significantly decrease over time.

What Do I Need to Know?

Administrators who manage certificates outside central OIT should be prepared to review and update their certificate workflows if necessary.

What to Expect Now

The InCommon Certificate Service is transitioning from Sectigo to CertiNext on July 17, 2026. Existing certificates issued with Sectigo before July 17, 2026 will continue to be valid until their expiration date. Departments and administrators responsible for SSL/TLS certificates should review their certificate issuance and renewal processes, particularly any automated ACME integrations. OIT is evaluating the impacts of the transition and will provide additional implementation guidance as CertiNext onboarding is finalized. 

What to Expect in the Future

Expect communications from OIT about the automation efforts and implementation so administrators who manage certificates outside OIT can understand how auto renewals will work.

How to Prepare

Administrators who manage certificates should identify the websites that they need to renew close to the July 17, 2026 date and be prepared to address the website’s certificate renewal before the July 17, 2026 date.

This means that certificates renewed before July 17, 2026 will receive the full 199-day validity period, even if they are not immediately installed. This provides approximately 6 months of additional time while the University transitions to the CertiNext platform.

Questions?

If you have any questions, please reach out to the project manager assigned to this project, Christina Barnett