Certificates at UDE
The web form lies on a server of the DFN-association, which functions as a service provider for the university as a member of the association. These requests however are processed by employees of the CIM.
How to get a certificate:
The certifying office of the UDE Uni-DUE CA only gives out certificates for the domain space uni-due.de and uni-duisburg-essen.de.
For this purpose, the Uni-DUE CA signs CA X.509-certificates for all members of UDE
- to sign and encrypt so called personal user certificates. (We only give out user certificates containing a UDE e-mail address)
- for server authentication of so called server certificates (only for official UDE services)
The security of this process depends on the reliability of the certification offices that give out said server certificates. These check carefully if the applicant belongs to the firm or institution for which he or she requests a certificate. This is then ensured by a digital signature in the certificate.
To guarantee this level of security, only certain people may check these requests. Here you can find the registration offices of UDE.
Superior Certification Office
The certificates are given out by the superior certification office of the DFN-PKI.
The Uni-DUE CA operates on the security level “global”. The root certificate is preinstalled on Windows operating systems and all applications therein.
The way Uni-DUE CA operates is regulated by the DFN-PKI policies.
You can find the pronouncement of UNI-DUE CAs certification operations in the public key infrastructure in the German Science Network under CPS of Uni-DUE CA.
Certificates – Why use them?
The server certificates verification is the only way to make sure, you are actually connected to the server which you are trying to reach.
There are several possibilities to redirect access to other servers. But since only the “real” server can present the correct certificate, warnings are given out for all imitations.
Usually every user should have to read the guidelines of all common certification offices, check their references and seals of approval and decide for him- or herself which office he or she trusts enough to accept server certificates given out by them.
Browser companies do this examination for the user and preinstall so called root certificates by many common and trustworthy certification offices on their web browsers.