Hochschulrechenzentrum
Topics & Services
Servicegroups
- No tags, yet
Hochschulrechenzentrum
Topics & Services
Servicegroups
For proper functioning, the following certification authorities must be available in the operating system / software used. If one or more certification authorities are missing, download them below and import them according to the instructions.
Public digital certificates at Jade University are issued in cooperation with DFN-CERT via 2 procedures.
Public digital certificates of the DFN-PKI - Global G2 are issued by DFN-CERT in conjunction with “T-Systems Enterprise Services GmbH”. Therefore, their certification authority “T-TeleSec GlobalRoot Class 2” appears as the root certification authority and the other two as intermediate certification authorities below it. This results in the following certification chain: * T-TeleSec GlobalRoot Class 2
Public digital certificates from GÉANT-TCS - Sectigo are issued by GÉANT in conjunction with “Sectigo”. Therefore, their certification authority “AAA Certificate Services” appears as the root certification authority and the other two as intermediate certification authorities below it. This results in the following certification chain:
As a rule, the public certification authorities are already included in the operating systems.
Internal digital certificates at Jade University are issued by the University Computer Centre. These root certification authorities are used here:
Devices in the PC network system (e.g. devices in the pool rooms / virtual desktops) are already equipped with all certification authorities, so no change is necessary here. On all other devices, they must be logged in as users with administrative rights to integrate certification authorities.
Missing certification authorities can be added by right-clicking on the respective folder Certificates → All tasks → “Import…”. add them.
The easiest way to get missing certificate authorities onto the device is from an existing (mobile) network access.
To integrate certification authorities, you must be logged in as a local user with administrative rights.
The easiest way to add missing certificate authorities to the device is from an existing network access.
The easiest way to get missing certificate authorities onto the device is from an existing (mobile) network access. Download the above certificate authorities with a browser and open the downloaded file. The “Name Certificate” dialogue appears:
The easiest way to get missing certificate authorities onto the device is from an existing network access. Download the above certificate authorities to the Downloads folder using a browser. Then add them system-wide:
cd ~/Downloads sudo trust anchor aaa_certificate_services-2004-01-01.pem sudo trust anchor usertrust_rsa_certification_authority-2019-03-12.pem sudo trust anchor geant_ov_rsa_ca_4-2020-02-18.pem sudo trust anchor t-telesec_globalroot_class_2-20081001.pem sudo trust anchor dfn-verein_certification_authority_2-20160222.pem sudo trust anchor dfn-verein_global_issuing_ca-20160524.pem sudo trust anchor hs-woe_certificate_authority_hs-woe.de-20161121.pem sudo trust anchor hs-woe_certificate_authority_meta-20140601.pem
To check, restart the “Passwords and Encryption” application once.
Mozilla Firefox is available for Apple macOS, Linux and Microsoft Windows, but usually uses its own built-in certificate store.
Missing certification authorities can be added via the button “Import…”. button.