Request an SSL Certificate

All Imperial websites should be secured with an SSL certificate (Secure Sockets Layer certificate). 

Benefits of SSL Certificates:

  • Encrypts data: Scrambles data between a user's browser and your server, preventing 'eavesdropping' and 'man-in-the-middle' cyber attacks.
  • Builds trust: Displays a padlock icon and https://, reassuring visitors their connection is secure, which is vital for e-commerce and logins.
  • Improves SEO: Google prioritises secure (https) sites in search results, giving you a ranking advantage.
  • Prevents browser warnings: Avoids the "Not Secure" warnings in browsers that deter users and damage credibility.
  • Ensures compliance: Required for industry standards like PCI DSS for handling payment card data and for data protection laws, like GDPR.
  • Authenticates your site: Verifies your website's identity, preventing attackers from creating fake versions of your site.

 

SSL Certificate instructions

Certificate validity

SSL/TLS certificate validity periods from commercial certificate authorities are shortening, reducing from 398 to only 47 days.  

This change requires increased use of automation for certificate renewal, to both reduce the amount of manual intervention required, but also to improve the security of your websites.

Why the Change?

  • Enhanced Security: Shorter lifespans reduce the window attackers can exploit stolen or misused keys, as seen in recent breaches.
  • Quantum readiness: It prepares the ecosystem for post-quantum cryptography, where current encryption methods might be broken faster.
  • Improved revocation: Shorter validity makes revocation processes more efficient and relevant. 

All new requests for new certificates will be triaged for their suitability to use the service, so please continue to use our certificate request form.

SSL Certificate management & auto renewal

F5 Load Balancer Service

We recommend your websites use our existing F5 Load Balancer Service. This is available for websites that are hosted in an ICT managed datacentre and offers advantages in performance and security.  

The F5 offloads the CPU-intensive tasks of encrypting and decrypting SSL/TLS traffic from your backend web servers. This frees up server resources to focus on application logic, improving overall application performance and throughput.

The SSL certificates will auto renew every 3 months, with no action required from website owners or ICT.

Can't use the F5 load balancer?

For websites which can’t use ICT’s F5 service,  it’s necessary that automation is put in place to auto renew your certificates.  

Linux - Our recommendation is that Linux based webservers should be configured to use Lets Encrypt certificates (free of charge), which are generated and renewed automatically by certbot

Windows - For websites hosted on windows systems we recommend the use of simple-acme.

Further support

Complete our certificate request form to get a new SSL certificate. Requests will be triaged for their suitability to use the ICT provided service.

For support and advice, please contact the Hybrid Cloud team via ASK.

Content udpated: 13 January 2026