via HARICA (replaces the Sectigo Certificate Manager)
With an SSL server certificate, your server is certified by a trustworthy authority. This makes it possible for a user to verify the authenticity of the server beyond doubt.
Server certificates can be applied for by the IT staff of the Weimar universities.
1. Read the Certification Policy
For the issuing of certificates by the BU Weimar CA, the Certification Guideline of the DFN-PKI is authoritative (PDF; in German).
2. Generate a key pair and create a certificate request
Create a Certificate Signing Request (CSR) and a private key for your server. The certificate request is then added to the Sectigo request form.
To generate the certificate request and the private key you can use tools of the respective server software or openSSL. The length of the private key should be 4096 bits.
Use these attributes in your certificate request:
- CN=<enter the server name to be certified here>
- O=Bauhaus-Universitaet Weimar
- L=Weimar
- ST=Thueringen
- C=DE
An e-mail address must not be included.
3. How to apply for the certificate and download it via HARICA
Follow the instructions: Link
4. Import the Certificate to the Server
The certificate can be installed on the server now.
Instructions