Service Category: Information Security
A digital certificate is an electronic data record that describes certain properties of persons or computers and that can be verified by cryptographic procedures. When a certificate is created, a private and a public key are first generated. The public key is then confirmed together with other properties, such as the name of a person or a server, by the signature of the certification authority. The resulting document is the digital certificate of the person or server (see also: Intoduction to DFN Global Certificates).
Based on the DFN-PKI (German Research Network - Public Key Infrastructure), the kiz can create both user and server certificates of the security level "Global" for members of the University of Ulm.
An essential field of application for user certificates is securing communication via e-mail. The owner of a user certificate can sign his e-mail with his private key and then send the signed e-mail together with his public key. The recipient can check the authenticity of the e-mail using the sender's public key and at the same time confirm the sender's identity using the certificate chain. Thus, the recipient knows that he has received the sender's unmodified e-mail.
To apply for a DFN Global Server Certificate, please see the instructions further down on this page.
- For members of the University of Ulm, the kiz issues personalised user and server certificates of the DFN-PKI security level "Global" upon request.
- Server certificates are only created for public, official servers if this is necessary to secure the transmission of sensitive data, such as passwords.
- The signature of the user certificates is not legally binding.
- User certificates are usually valid for 3 years, server certificates for 5 years (validity period). The regular validity period can be shortened if a certificate is revoked or the certificate holder leaves the University of Ulm.
- Certificates are published via the LDAP server of the DFN-Association (Notes on Use).
- The location of the registration office for user certificates is in the library headquarters at the University West (see below).
- We provide support when applying for a DFN Global user or server certificate, provided the application is made with Firefox. Any support beyond this, e.g. for signing e-mails or using other browsers, is provided on a best effort basis.
- We cannot provide support in the event of problems with certificate-based encryption of data and e-mails. The consequences of lost keys are irreversible. The usability of many e-mail programs is considerably impaired by encrypted e-mails.
Members of the University of Ulm with an e-mail ending with "@uni-ulm.de" can apply for a personal user certificate.
Members of the University of Ulm who administer servers for an institute or their own working group can apply for a personal server certificate. The prerequisite is that the server is used for official purposes, is publicly accessible and processes data to be secured by transport encryption.
The use of the certificates is not subject to any time restrictions within their period of validity.
Personal contact is required to process a certificate application:
Registration Authority Server Certificates
Applications for server certificates are processed directly by the administrators at the kiz. Contact and appointments can be made by e-mail to the following address: ra(at)uni-ulm.de.
Certificates must be applied for. The application procedure requires an application generated and signed by means of a web browser as well as an identity check with personal appearance of the applicant at our registration office.
Fee / Charge
No fees or charges are levied for the service.
Communication and Information Centre (kiz)
Service Points are locations where you can visit us personally.
kiz from A to Z
more about: DFN Global certificates
Contact / Registration office
In order to issue a user certificate, your identity must be verified by personally appearing at our registration office at the following service point:
kiz University West
Service Point Information
Tel: +49 (0) 731 / 50 - 15544
Registration by telephone or e-mail is requested. For opening hours, please refer to the linked website of the Service Point.
To apply for a server certificate, please contact us using the email address above.
Good to know