Applying for a user certificate
These instructions describe how to apply for a user certificate at DFN-PKI via your browser.
Known supported browsers are: Firefox, Edge (Chrome based), Chrome, Safari.
PLEASE NOTE: You must keep the .JSON application data file generated in the application process (step 4), as well as the associated password, safe. This is essential in order to be able retrieve the issued certificate.
Three passwords are to be assigned during the certificate creation process:
Be sure to retain knowledge of these.
1. Select apply for "user certificate" on the DFN-PKI webpage.
2. Fill in the application.
Prefix Name Supplement (optional): Your academic title, only if it is shown in your official ID document.
First Name (GN): Your first name as shown in the official ID document (additional first names are optional, but will be documented during the ID check).
Last Name (SN): Your full last name, as shown on the official ID document.
Email: Your email address for which the certificate shall apply.
Organisational Unit (OU): Name of your RWTH institution (e.g.: IT Center, Chair of Computer Science 12).
Namespace: Here you can choose whether city and state should also be specified in the DN.
3. Your compliance is required.
Revocation PIN: The PIN is required to revocate the received certificate if necessary. Please keep this PIN in a safe place.
Personal note: This note is saved in the .json file.
You have to agree to the DFN-PKI regulations.
You may agree to the publication.
You must agree to the processing of your personal data.
4. Save application data file (JSON) and assign a password.
Check submitted certificate and personal information and if correct select "Save application data file (JSON)".
This step creates a .json file with your cryptographic keys (RSA keys) and the submitted certificate and personal information.
Prepare to enter the .json password.
Enter the password with which the .json file will be encrypted/protected.
You must keep the .json file and its password safe.
Both are necessary in order to retrieve the issued certificate.
5. Download certificate application form (PDF) and sign it.
You need the .pdf file for your personal identification at the registration authority.
Save and/or print the .pdf file. Read it, date it and sign it by hand.
As the contents of the application form (PDF file) are currently not displayed in English, here in short what you are agreeing to:
6. Submit the application form in person and go through the required identity verification.
The DFN-PKI certification policy requires that the identity of the applicant be verified by the local registration authority, see Possible Ways of Identity Verification options in order to submit your certificate application form.
Here you can read how to retrieve the certificate: