Certificates
Certficates can be used to verify the identity of the owner, and eventually other properties (e.g. Email or organisation), of a public key (refer to public key cryptography).
The used cryptohraphic keys can be used to generate electronic signatures and/or to establish encrypted communication channels.
Electronic signatures can offer:
- authentication - linking the originator to the information
- integrity - allowing any changes to the information provided to be detected more easily
- non-repudiation - ensuring satisfaction (in a legal sense) about where the electronic signature has come from
The Certificate Authority "RWTH CA" is a Sub-CA in the DFN-PKI (Public Key Infrastructure). We adhere to the DFN-PKI Certificate Policy. The certificate applicant must be associated to the RWTH Aachen University.
The implemented certificate chain ends at a built-in Token from Deutsche Telekom, which is anchored within standard browsers, thus enabling the automated validation of the certificates issued.
Electronic signatures generated with cryptographic keys associated with our certificates have the status "advanced electronic signature", according to the German Signature Act.
Via the RWTH-DFN certification portal, user or server certificates based on the X.509 standard can be easily applied for. Due to the missing root certificate in the certificate store of older operating systems (Android <= 4.4), problems occur when checking the certificate chain. |
The following certificates can be applied for:
- User certificates for mail addresses (e.g. the domain @rwth-aachen.de and its subdomains)
→ detailed instructions are described here
- Server certificates for servers from the rwth-aachen.de domain
→ detailed instructions are described here
=== GRID === GRID === GRID === GRID === GRID === GRID === GRID === GRID === GRID === GRID === X.509 Grid certificates, which can be applied for via the RWTH Aachen Grid RA certification portal, are issued for the use of Grid services. The DFN Grid guidelines apply here. |