Manage your certificates
RWTH members can manage their GÉANT/TCS server certificates via the web interface https://ra-portal.itc.rwth-aachen.de.
- Access the web interface only from within the RWTH IP network.
- User authentication occurs via Single-Sign-On.
- Following functionality is available:
- Apply for a server certificate, using a new CSR file
- Renew a server certificate, using previously uploaded CSR file
- Download server certificate only
- Download server certificate with chain (recommended)
- List own server certificates
- List server certificates of own contact group
- List server certificates of own domains (use button "SSL-Zertifikate in meinen Domains" und choose relevant domain from the dropdown menu)
- The list can be filtered according to valid/rejected expired revoked/all server certificates (default is "valid")
- The list of server certificates can be sorted according to expiry date or common name in ascending or descending order (default is "ascending expiry date")
- Search for CN and SAN in a server certificate
- Search for applicant, application number or certificate number
- Revoke a server certificate
- User permissions are based on CN/SANs resolution in DNS, data is sourced via the right-manager.
- Certificates are issued/revoked
- automatically, if the user is authorized
- after moderation by an authorized network contact person
- after moderation by the RWTH Registration Authority (RWTH RA)
- Search under CN/SAN is dependant on network group membership
- only "own" certificates can be found, if not a member of any contact group
- within a subdomain, granted network contact group membership
- Notifications are sent via e-mail:
- upon issue
- at expiry (28 and 14 days before expiry)
- upon revocation
- in case an application needs to be moderated by the network contact group members
- Please address any questions or feedback to the IT-ServiceDesk .
Links to:
