Getting Started with InCommon Certificates for Web Hosting


Web Hosting, InCommon Certificates, Web Application Sign Up (WASUP), Automate Certificate Management Environment (ACME), InCommon Certificate Manager (ICM)


ITS facilitates the process for U-M units and individuals to get InCommon server certificates. Managing InCommon certificates is an ongoing process of requesting new certificates and renewing them each year before they expire.


The following options are not mutually exclusive. A unit may use ACME for some certificates, the ICM web app for others, and WASUP for still others.

  • ACME for automating renewals (recommended for all units): To prevent a certificate from expiring inadvertently, ITS recommends that you implement the Automatic Certificate Management Environment (ACME) protocol to automate the renewal process between the certificate authority and your web servers
  • Web Application Sign Up (WASUP) for ITS-managed requests: Use the Web Application Sign Up (WASUP) service to request an InCommon certificate
  • InCommon Manager (ICM) for self-managed requests: Units that manage more than 20 certificates and have two full-time IT staff (who are responsible for their unit’s certificate management) can use the InCommon Manager (ICM) to directly request and renew InCommon certificates

For more information on each of these, see Includes links to TeamDynamix forms for requesting the above services.

Additional Information

Need additional information or assistance? Contact the ITS Service Center.


Article ID: 8041
Thu 5/5/22 10:05 AM
Fri 3/17/23 3:34 PM

Related Articles (1)

Describes how to use certbot and ACME with the InCommon Certificate Service to automatically obtain and renew TLS/SSL certificates without needing to run a web server on the machine obtaining the certificate, and without needing perform Domain Control Validation.