The Bauhaus-Universität Weimar is a member of the DFN-PKI – the “Public Key Infrastructure in the German Research Network” and operates its own registration office at the SCC. Digital certificates can be issued, distributed and audited via the DFN-PKI. Advanced certificates based on the X.509 standard are used.
The main tasks of our office are the processing of certificate applications and the blocking of certificates, as well as the advice of users.
Due to the close cooperation and shared use of the IT infrastructure, we also issue certificates for the University of Music FRANZ LISZT Weimar.
Request for user certificates (Nutzerzertifikat tab)
Manual (only in German)
Note: The certificate request web interface does not work with MS Edge. Please use Internet Explorer, Chrome/Chromium or Firefox.
Internet Explorer allows you to submit your request as usual.
For other browsers, the procedure has changed:
- The User Certificate tab refers to pki.pca.dfn.de/dfn-pki/dfn-ca-global-g2/4860 click
- Interface of the DFN-PKI - "Certificates" click
- Choose a password to protect browser data - "Continue" click
- Click on "Apply for a new certificate"
- Fill in the certificate request page as usual.
Request for grid certificates (users and servers)
Request for certificates for foreign domains / by external server administration etc. (Instructions only in German)
Web interface – root certificates, blocking list, certification policy
To ensure that connected clients can verify the server certificates, you first have to implement the root certificate into your browser/e-mail programme. By the use of root certificates which were certified by T-Systems this is generally done automatically. Otherwise you will have to import the root certificate into your browser manually. You can do this via the web interface of our registration office. The root certificate provided on the interface can be temporarily accepted until the root certificates are successfully imported.
On the web interface you will also find the certificate blocking list which you should install into your browser/e-mail client. Click on “Install blocking list” (“Sperrliste installieren”) so that invalid certificates are no longer accepted. You can also find additional information on the interface, such as the certification policy.
Installation of the Deutsche Telekom root CA certificate in Linux server systems
Contact Data Registration office
Servicezentrum für Computersysteme und -kommunikation
phone: 0 36 43 /58 24 32