Parts of a Registration
Note: As of April 3, 2017, plain HTTP registrations will no longer be accepted — only HTTPS will be allowed.
The WebAccess servers need information about your website and its Cosign configuration to allow it to function, consisting of:
- Certificate’s Common Name (CN) used by your website’s Cosign software. (No other names in the certificate are used, and no special handling is done for wildcard names.) The certificate must be signed by a well-known Certificate Authority (CA).
- Cosign Service Name (aka service name, cookie name, cosign-…).
- Website name (host portion of a URL).
- Port number in URL (if explicitly specified)
(the CN and Cosign Service Name must be lower case.)
Which Parts are Required?
For most registrations, only the CN is sent: the values for the Cosign Service Name and website name default to the CN. Some website configurations (e.g., sharing a certificate, wildcard or multi-domain certificates, IIS installations serving two or more cosign-protected websites, etc.), require specifying multiple pieces of the above information.
To reduce the need for most registrations, the WebAccess servers automatically accept the most common type of cosign configuration. For such a configuration, all of these must be true:
- CN ends in “.psu.edu”, and must be signed by a well-known CA.
- Cosign Service Name (ignoring its leading “cosign-“) and website name are the same as the CN.
- URL does not specify a port number, similar to https://website.psu.edu/, not like https://website.psu.edu:8443/)
If they are, then the website should not need an explicit registration.
Registering your website
If you do need to register your website (or aren’t sure), then submit the information (or question) to the WebAccess team.
Registration requests, which are activated in the WebAccess servers on University Park regular business days (Mon-Fri, excl. holidays and closures) by 7 a.m. Eastern Time, must have been received by 4:30 p.m. of the preceding business day.