Requesting a Server Certificate for Shibboleth ServiceProviders

For RWTH-Federation we generally only accept RWTH-CA certificates.
For more details, see the usage scenario for the DFN Association Community PKI and how to generate a CSR with OpenSSL.
Important
For normal HTTPS communication (for your web server) you continue to use the official certificates from GÉANT/TCS.
You therefore have two certificates for your service provider: one certificate from the DFN-Verein Community PKI, which you use for the Shibboleth service provider, and one certificate from GÉANT/TCS, which you use for the web server.
You therefore have two certificates for your service provider: one certificate from the DFN-Verein Community PKI, which you use for the Shibboleth service provider, and one certificate from GÉANT/TCS, which you use for the web server.

