Universität Bonn

University IT and Data Center


The HRZ operates a RA within the DFN-PKI client at GÉANT TCS. It is possible for administrators to obtain SSL certificates for servers in the network of the University of Bonn.

For whom?


The service is aimed at administrators at the University of Bonn.

What for?

Certificates from a PKI (Private Key Infrastructure) can be used for very different purposes. A server can use the server certificate to prove that it is the server it claims to be. In addition, the server certificate enables encrypted communication between the client and the serve

How does it work?

Some formalities must be observed when applying for certificates. You can obtain all the necessary information on applying for or renewing server certificates in advance from the CA administration: caadmin@uni-bonn.de.

Please proceed here only if you are familiar with the procedure. Otherwise you risk a non-processing or major delays in the processing of your application.


Server operators must make a one-time appearance at the RA in the HRZ,
if not already known there. Please make an appointment by Mail to caadmin@uni-bonn.de.

New Application

To request server certificates, a valid e-mail address of the server must be entered in the certificate request at
https://cert-manager.com/customer/DFN/ssl/sslsaml/login a valid mail address of the(Attention, only Uni-Bonn.de addresses!) and a certificate request (CSR). Certificate request (CSR), which can be created as follows:

openssl req -nodes -newkey rsa:4096 -keyout server.key -keyform PEM \
-out server.req -outform PEM -sha256 -subj \
"/C=DE/ST=Nordrhein-Westfalen/L=Bonn/O=Rheinische \
Friedrich-Wilhelms-Universitaet \


C (Country):DE
ST (full name):Federal State (Nordrhein-Westfalen)
L (Place):Place (Bonn)
O (Institute):Name of the Institute ("Rheinische Friedrich-Wilhelms-Universitaet Bonn" including the quotation marks)
CN (FQDN of the server):z. B. www.muster.uni-bonn.de
emailAddress:administrator's e-mail address
The key is then in the file key.pem and the certificate request is in the file request.pem.


Detailed information and instructions can be found in the HRZ-Doku.
(Call only possible from the BONNET)

Related Topics

Further Information

Here you can find more information about the certificates.

Administrator Tools

Here you will find an overview of the administrator tools.

Wird geladen