Certificates

Some formalities must be observed when applying for certificates. You can obtain all the necessary information on applying for or renewing server certificates in advance from the CA administration: caadmin@uni-bonn.de.

Please proceed here only if you are familiar with the procedure. Otherwise you risk a non-processing or major delays in the processing of your application.

Application

Server operators must make a one-time appearance at the RA in the HRZ,
if not already known there. Please make an appointment by Mail to caadmin@uni-bonn.de.

New Application

To request server certificates, a valid e-mail address of the server must be entered in the certificate request at
https://cert-manager.com/customer/DFN/ssl/sslsaml/login a valid mail address of the(Attention, only Uni-Bonn.de addresses!) and a certificate request (CSR). Certificate request (CSR), which can be created as follows:

openssl req -nodes -newkey rsa:4096 -keyout server.key -keyform PEM \
-out server.req -outform PEM -sha256 -subj \
"/C=DE/ST=Nordrhein-Westfalen/L=Bonn/O=Rheinische \
Friedrich-Wilhelms-Universitaet \
Bonn/CN=servename.uni-bonn.de/emailAddress=uni-id@uni-bonn.de"

where:

C (Country):DE
ST (full name):Federal State (Nordrhein-Westfalen)
L (Place):Place (Bonn)
O (Institute):Name of the Institute ("Rheinische Friedrich-Wilhelms-Universitaet Bonn" including the quotation marks)
CN (FQDN of the server):z. B. www.muster.uni-bonn.de
emailAddress:administrator's e-mail address
 
The key is then in the file key.pem and the certificate request is in the file request.pem.