You are here: Home Services Security Certificates

Certificates

S/MIME certificates

Personal Certificates (E-Mail only)

Simple certificate without ID verification.
Application is done via the certificate portal:
👉 https://cm.harica.gr

Personal Certificates (IV/OV – with organizational data and full name)

These certificates contain, in addition to the email address, organizational data as well as the first and last name.
They can include multiple email addresses (max. 3).

Available via the University’s certificate portal:
👉 https://cert.escience.uni-freiburg.de

Note: Personal certificates of this type require a one-time ID verification, which can be done at the User Service, for example.

Application Methods for Personal Certificates Requiring ID Verification

ID verification is required for:

  • Personal certificates with multiple email addresses

  • Certificates with IV/OV data

Possible identity verification methods:

  • On-site verification at the User Service

  • Digital linking of BundID with HISinOne

Linking BundID with HISinOne

After successfully linking your BundID with your HISinOne account, a short message must be sent to the User Service so that the link can be reviewed and approved.

📧 Please send this message to:
pki.rz.uni-freiburg.de

Group Certificates

To apply for group certificates, a one-time registration of users who need access to the respective function address is required.

Procedure:

Send an informal email to:
📧 pki@rz.uni-freiburg.de
Include:

  • RZ user ID(s) of the users concerned

  • Associated function address

After successful registration, the group certificate can be created and retrieved via the portal:
👉 https://cert.escience.uni-freiburg.de
→ Log in with UserID
→ Select the “Group” section

Current updates on ongoing developments can be found in the Admin Forum.

Use of Electronic Certificates

Digital certificates are electronic credentials issued by a trusted Certification Authority (CA). They serve to identify users and ensure authenticity, integrity, and confidentiality in digital communication. The university's computing center uses the services provided by the DFN and supports the following two types of certificates:

1. Certificates for Web Servers (SSL/TLS Certificates)

These certificates secure communication between a web server and users' browsers through encryption. They enable HTTPS connections and prevent third parties from intercepting or manipulating data.
Most web servers now deliver content via HTTPS, and using HTTP usually triggers warnings in most browsers.
Certificates authenticate the identity of the website and encrypt data transmissions. The types include:

  • Domain Validation (DV)

  • Organization Validation (OV)

  • Extended Validation (EV)

Because certificate validity is essential for proper website communication and the validity periods have shortened to one year, renewal should be automated. This is done using ACME, which is easy to set up on various servers and has already been widely adopted by administrators.

2. S/MIME or Email Certificates (Secure/Multipurpose Internet Mail Extensions)

These certificates are used to sign and encrypt emails. They ensure that the sender is authentic and that the content has not been altered during transmission.
Certificates can be issued at different levels of trust — the highest level requires a visual ID check.
This requirement can be waived through linking with BundID (via HISinOne).

Contact

Postal Address:
University of Freiburg – IT Services
Certificate Registration Office
Hermann-Herder-Str. 10
D-79104 Freiburg, Germany

Email: pki@rz.uni-freiburg.de