UHH CA RA at the Department of Informatics
Registration office (UHH CA RA) for personal certificates for employees and students of the Department of Informatics
To ease the workload of the central RRZ site, an additional registrar ( UHH CA RA) has been set up for personal certificates for the employees and students of the Department of Informatics. In addition, approved server certificates can be activated here.
This CA is responsible solely for the Department of Informatics!
From June 1st, 2021, the application process has been changed. There is a new web form for this, as described on the RRZ pages for the participant service.
The application process is described in detail on the PKI Web pages of the RRZ (in German). Please use the Informatics Registration Authority (“RA_ID=4450”) only; we can't process applications sent to other RAs.
The application form generated in the process must be sent to the Informatikum as an attachment: Upload form PKI application Informatikum
Identification of the person is necessary for the release of a user certificate. This can be done by video call or by appearing in person with an identification document at the participant service at the Informatikum ( A. Heymann or R. Zierke ) personally.
The personal qualified certificates
- are integrated in the DFN structure,
- can be integrated into mail and browser clients,
- can be used for signing and encryption,
- are limited in time (extension possible) :
for employees until retirement from the university, max. 3 years ,
for students max. 3 years but limited to the time of enrollment,
- should be granted only for valid (fully qualified) UHH email addresses !
Registered certificate holders can only be found in the PKI directory via ldap search query or in appropriately configured mail clients if "Publication of the certificate" is approved when applying.
Server certificates must be approved by accredited persons (in the Informatics Department: R. Zierke).
Notes on the use of certificates:
The registered certificates can only be used if they (and the certifying bodies) are known on the system and / or in the specific application.
In some applications the root certificates are pre-installed, in others they must be imported manuallyespecially personal certificates . Detailed information on this can be found on the PKI Web pages of the RRZ.
User certificates can be looked up at the PKI page in the tab “Zertifikat suchen” where the user's correct (full) email address must be specified. The user certificate can then be loaded with one click.
For security reasons your personal certificates should be deleted from the browser's storage after exporting them to your mail clients(s).