Certification Authority of the University of Cologne
Certificates serve to protect confidential data. During transmission, data is protected against unwanted access by automatic encryption. In the web area you can recognize an encryption by the protocol name 'HTTPS'. The server needs a certificate to identify itself to the requesting client as 'authentic'. To guarantee the authenticity of a certificate, it is signed and published by so-called 'certification authorities' (CA).
Since the end of 2015, the free and open-source certification authority Let's Encrypt has been in existence. It is represented in all common browsers and e-mail programs, so visitors to websites operated with Let's Encrypt-based certificates do not receive security warnings, as would be the case with so-called self-signed certificates. The RRZK also uses this service for the majority of its web servers, so that certificates are automatically renewed and sometimes generated. Newly created web presences that are administered by us (e.g. web projects, TYPO3 pages) automatically receive a certificate from Let's Encrypt and are therefore accessible via https(-only).
If you are running your own web server, for example a virtual machine at the RRZK, we recommend to use Let's Encrypt for this as well. You can easily find instructions for the setup on the net.
About the Certification Authority (CA) of the University of Cologne
The RRZK also operates a CA within the DFN-Verein. Certificates of the CA University of Cologne are also known to the common browsers and e-mail programs due to their connection to DFN-Verein and Deutsche Telekom. Therefore you should not receive any warnings.
In most cases, it is not necessary to import root certificates, as these are pre-installed as trusted certificates in the common operating systems. If an import is nevertheless necessary, you can obtain it via the interface of the University of Cologne CA. Follow the instructions of the DFN.
Applying for certificates
Certificate for usage in a web server hosted by RRZK
Certificate for use in a self-operated server
If you have any questions or problems, please contact the RRZK-Helpdesk