You are located in service: Certificates

Import your user certificate into Internet Explorer

Import your user certificate into Internet Explorer


What is a group certificate:

If an e-mail address is used by several people or if it is a functional e-mail address (such as, a group certificate should be applied for instead of a user certificate. This certificate together with the generated cryptographic keys (i.e. the .p12-file) must be transmitted securely to all relevant users.

A group certificate is obtained similarly to a user certificate

  • the application procedure depends on the browser used
  • the usage depends on the e-mail application used

Below we show an example of how you would apply for a group certificate if you were using the Internet Explorer on Windows.


3.1 Find the e-mail from the DFN-PKI

Gruppenzertifikat im IE importieren 1

The e-mail is digitally signed.

The e-mail is sent to applicant and to group mailbox.

The CN ist the "group name".

Open the secind link in IE.

Make sure you to be working on the same computer as when you created the certificate request. The required crytographic data is only stored on this computer. 


3.2 Import/Integrate Certificate into Internet Explorer

Gruppenzertifikat im IE importieren 2

3.3 Enter PIN

Gruppenzertifikat im IE importieren 3

The PIN is only required if you didn't agree

to have the certificate entered into the

DFN-PKI LDAP Server  (step 1.2).


3.4 Confirm access

Gruppenzertifikat im IE importieren 4

Here again the windows certificate store needs to be read/write.

You need to allow access.

If the private part of the RSA key pair is found, the imported certificate is saved as "own certificate".


3.5 Import is complete

Gruppenzertifikat im IE importieren 5

last changed on 01/29/2021

How did this content help you?

Creative Commons Lizenzvertrag
This work is licensed under a Creative Commons Attribution - Share Alike 3.0 Germany License