University of Hamburg - to research, to teach, to educate and form, to homepage
Informatics Computing Centre

Photo: UHH/Denstorf

Dept. of Informatics

Old UHH CA RA at the Department of Informatics

Registration office (UHH CA RA) for personal certificates for employees and students of the Department of Informatics

To ease the workload of the central RRZ site, an additional registrar ( UHH CA RA) has been set up for personal certificates for the employees and students of the Department of Informatics. In addition, approved server certificates can be activated here.

This CA is responsible solely for the Department of Informatics!

In October 2022 the application process has been changed. There is a new web form to apply for personal certificates with the SECTIGO Certificate Manager of Géant TCS, as described on the RRZ pages for the participant service. Note that this new procdure currenty works for staff only (i.e. for persons whose identity had been checked while signing their contract).

Other persons, e.g. Informatics students, can still apply for DFN-PKI certificates using the old procedure ot the at Informatics Registration Authority (RA_ID=4450) until summer 2023.

The application form generated in the process must be sent to the Informatikum as an attachment: Upload form PKI application Informatikum

Identification of the person is necessary for the release of a DFN-PKI user certificate by personal apprarance with an identification document at the participant service at the Informatikum ( A. Heymann or R. Zierke).

Notes:

The personal qualified DFN-PKI certificates

  • are integrated in the DFN structure,
  • can be integrated into mail and browser clients,
  • can be used for signing and encryption,
  • are limited in time (extension possible) :
    for employees until retirement from the university, max. 3 years ,
    for students max. 3 years but limited to the time of enrollment,
  • should be granted only for valid (fully qualified) UHH email addresses !
    example: Hans.Meier@uni-hamburg.de

Registered certificate holders can only be found in the PKI directory via ldap search query or in appropriately configured mail clients if  "Publication of the certificate" is approved when applying.

Notes on the use of certificates:

The registered certificates can only be used if they (and the certifying bodies) are known on the system and / or in the specific application.

In some applications the root certificates are pre-installed, in others they must be imported manually, especially personal certificates . Detailed information on this can be found on the PKI Web pages of the RRZ.

User certificates can be looked up at the PKI page in the tab “Zertifikat suchen” where the user's correct (full) email address must be specified. The user certificate can then be loaded with one click.

Security note:
For security reasons your personal certificates should be deleted from the browser's storage after exporting them to your mail clients(s).