You are working at an institute of the University of Bremen and need a certificate for a server you are in charge of? The following checklist describes the procedure step-by-step from the beginning.
The application, creation and use of a certificate is a complex process. Please read the instructions carefully.
- The first step is to create a certificate request. This is usually done using the OpenSSL program; to make it easier for you, we have developed a web tool that helps with this complicated step. (If you have the necessary technical knowledge, you can of course create the certificate request yourself using OpenSSL. The PKI project of the German Research Network has created a concise manual (in german) for this purpose.
- In the previous step, two files were created that are now on your workstation. One contains the certificate request, the other contains a private key. In the next step, use the certificate application form to apply for your certificate. Go to the website of the CA of the University of Bremen. It is hosted at the German Research Network, which is why the design differs from the normal design of the university.
- Select the menu item Server Certificates and complete the form. You have to upload the certificate request generated in the first step to the PKCS#10 certificate request form item. Confirm the form with Continue. In the following dialog box, check the correctness of the information. Here's your last chance to make changes.
- Follow the instructions on the website by viewing and printing the certificate application form. Please submit the printed application form in person to the registration office of the university:
Account Administration Office
Mo.- Fr. 10.00-12.00
You must submit the following documents to the registration office:
- a valid photo ID,
- proof that you are entitled to receive a certificate for the institution applying for it, e. g. a letter from the institute or project manager,
- in the case of certificates for domains that are not listed below uni-bremen.de, we also require a formal authorization letter from the Admin-C or Tech-C of the respective domain in which the University of Bremen is authorized to issue certificates for the domain in question.
- After the registration office has confirmed your certificate request, you will receive the completed certificate by e-mail within a few minutes.
Remember that the certificate only has a meaningful function in connection with the private key generated in the first step. The certificate is worthless if the private key is lost or compromised. In this case, please revoke the relevant certificate immediately or contact us so that we can take care of this for you.
Please understand that we cannot provide detailed descriptions of how certificates work or how certificates and keys can be integrated into the server software you use. Please consult the documentation of the software product first.