You are located in service: Public Key Certificates

What are certificates for webservers?

What are certificates for webservers?

Kurzinformation

Server operators can apply for a server certificate to enable users of their server to establish a secure connection to the server. Such certificates are primarily used to identify WWW servers whose address begins with https:// instead of http://, but also e-mail servers and other servers to which an encrypted connection can be established using Transport Level Security (TLS, formerly SSL).

The RWTH Certification Authority works within the framework of the Public Key Infrastructure (PKI) of the DFN Association (German Research Network) to support science, research and teaching.

RWTH obtains its web server certificates from the GÉANT Trusted Certificate Service; the current certificate provider is Harica. Applications are made via the RA portal.

Certificate chains:

Root certificates are automatically supplied with common browsers and other relevant applications (during SW installation or update). This means that the server certificates issued can be validated worldwide.

The server certificates issued by Sectigo and Harica all have exactly the following “key usages” (X509v3 extensions):

  • X509v3 Key Usage: critical
    • Digital Signature, Key Encipherment
  • X509v3 Extended Key Usage:
    • TLS Web Server Authentication, TLS Web Client Authentication

All server certificates are valid for 365 days (as of 10.01.2025).

last changed on 07/10/2025

How did this content help you?

Creative Commons Lizenzvertrag
This work is licensed under a Creative Commons Attribution - Share Alike 3.0 Germany License