Server certificates are a type of identity card for servers which ensure that the data
- originate from exactly the desired server (authenticity),
- were not falsified during transmission (integrity) and
- cannot be read by unauthorized persons (confidentiality).
This procedure is required, for example, to offer secure websites.
The whole thing works with similar to a pair of keys that belong together. Everything that was encrypted with one key can only be decrypted with the other key and vice versa.
One key is kept to itself (private key, private key), the other is made accessible in public (certificate, public key). In order to ensure that the public key really belongs to the specified server, it must be authenticated like an identity card. This task is performed by the certificate authority (CA).
The Computer Center operates its own certification body (CA) at the DFN Association. The name of the CA is "HS Emden/Leer CA". The user interface of the CA can be found at https://pki.pca.dfn.de/hs-emden-leer-ca-g2/pub.
Please apply for certificates only after consultation with the HRZ.
Further information can be found on the DFN-PKI website.
Instructions for generating the certificate with OpenSSL can be found here: How to use OpenSSL
The authenticity of the certification authority "HS Emden/Leer CA (DFN-CA Global G2 Certificate)" is guaranteed by the higher-level authority "DFN-Verein PCA", which in turn is guaranteed by the root certificate of Deutsche Telekom. The entire certificate chain and all individual certificates can be found here.
The necessary root certificate is now included in almost all applications and operating systems, so that the issued certificates function smoothly and without error messages. In some older browsers and mobile devices the necessary root certificate is still missing. In this case you should also download and install the necessary certificates directly from the link list below.
Your server certificate is certified by
- CA of the Hochschule Emden/Leer is certified by
- DFN-PCA is certified by
- German Telekom
A click on the links installs the certificate directly on your browser.