1. Certificates and Certificate Authorities
Digital certificates are used by some servers to provide authenticated, encrypted connections using the Secure Sockets Layer (SSL) protocol.
When you use a service such as Nexus on a secure, encrypted connection, the server will display a digital certificate to prove that it is the server that it says it is; without this, it would be possible for another server to masquerade as Nexus and accept your password.
In order for your browser to trust that the certificate itself is valid, the certificate needs to be issued by a trusted authority. Most of the OUCS user-facing services use certificates issued either by GlobalSign or by Comodo. These certificates will automatically be recognized by most modern software.
For more information about digital certificates, including information about how to obtain a digital certificate for a web site inside the .ac.uk domain, see the JANET Digital Certificates page.
Registered Oxford University IT Support Staff may obtain certificates for servers in domains registered to the University of Oxford (generally .ox.ac.uk but others too) via OUCS using the free of charge JANET Service. Full details may be found at https://wiki.oucs.ox.ac.uk/itss/CertificateService (N.B. only available to registered Oxford University IT Staff)