Archives

TLS Certificates

"" Overview and Key Features:

Transport Layer Security (TLS) certificates, formerly known as Secure Sockets Layer (SSL) certificates, are digital certificates that keep your internet connection safe by encrypting the data between your web browser, the website and its server.

The TLS service provides a cost advantage over purchasing it direct from a commercial certificate authority. Other benefits include:

  • The site validation process for the utoronto.ca or toronto.edu domains is completed.
  • There is no cost charged back to the individual department or division for most certificate products.
  • Notification of imminent certificate expiry is provided at least two weeks before the expiry date.
  • Information Security adds a departmental contact vetting process to ensure authorization to use server certificates.
  • Automatic certificate renewal (ACME) is available for this service.

""  Getting Started:

Information Security, part of ITS, facilitates the purchase of Sectigo TLS certificate products for University server administrators. To order certificates, you use the Sectigo Certificate Manager.

To order a new TLS certificate, refer to the ordering a TLS certificate article in ESC.

To set up automatic renewal for an existing TLS certificate, refer to the using ACME automatic renewal article in ESC.

""   Get Help:

For support, submit a request via the Enterprise Service Centre (ESC).

VPN and Secure Remote Access

""   Overview and Key Features:

Members of the University community must secure their access to sensitive systems and protect themselves when connecting from remote locations, such as while traveling or working from home. Virtual Private Networks (VPNs) allow a user to route their computer’s internet traffic through a specific network while not directly connected to it. U of T offers two VPN tools for different purposes:

  • UTORvpn: A general remote access VPN that protects connections and allows users to connect to the campus wireless network remotely.
  • AdminVPN: Allows the owners of administrative and academic systems, as well as department administrators, to enforce strong authentication and secure connections.

   

Help - Free computer icons   Getting started

  1. Download Cisco Secure Client (for desktop) or the Cisco Secure Client app (for Android/iOS). Cisco Secure Client was previously known as “Cisco AnyConnect Secure Mobility Client”.
  • Installation instructions for Secure Client can be found below.
  1. Open Cisco Secure Client.
  2. From the dropdown menu, enter or select “general.vpn.utoronto.ca” and click Connect.
  3. An authentication window will open. Enter your UTORid and password, then cick OK.
  4. Your computer will notify you that it is now connected to UTORvpn.

For detailed connection walkthroughs, see the Enterprise Service Centre (ESC) Knowledge Base:

 

Installing the VPN client

You must have an administrator account to install Cisco Secure Client on desktop. If you are using a U of T-managed workstation, contact your local IT help desk to have them install the software for you.

Installing on Windows

  1. Navigate to your Downloads folder and run the Cisco Secure Client .msi
  2. Agree to the licence agreement and the installation will complete.

Installing on Mac

  1. Navigate to your Downloads folder
  2. Double-click on the Cisco Secure Client .pkg file to start the installer.
  3. Click Continue and accept the license agreement.
  4. Uncheck all modules except VPN. Click Continue.

 

Installing on Linux (Ubuntu)

  1. Navigate to your Downloads folder and extract the Cisco Secure Client gz file to a directory.
  2. Navigate to the VPN directory under the extracted directory. Right-click and choose Open In Terminal.
  3. Run the command: sudo bash vpn_install.sh. Enter your password when prompted.
  4. Agree to the license agreement and the installation will complete.

 

Password Management Service

,

""Overview and Key Features:

1Password is a cloud-based, cross-platform password management solution that allows users to organize and store all passwords in one secure place.

Password re-use (using the same password across multiple accounts) is a significant contributor to data breaches, as stolen credentials can be exploited to gain unauthorized access to other accounts. To address this vulnerability, the University of Toronto has acquired 5,000 1Password Business licenses for staff, faculty and librarians and six years of 1Password Families at no cost for students.

""Getting Started:

To set up your 1Password account, visit:

"" Get Help:

For more information and FAQs, visit the password manager page.