Certificates at Research Center Jülich
These pages contain web links for requesting and managing so-called X.509v3 certificates, which are used to verify the authenticity of keys, which are mainly used to secure communication with e-mail partners and servers. The certificates issued by the JSC are part of the DFN-PKI (Public Key Infrastructure). The certification authorities of this PKI are operated by DFN-Cert Services GmbH.
Information on certificates and their use at Forschungszentrum Jülich can be found in the technical brief information TKI-365 (in German)
Provisions for the correct use of certificates of DFN-PKI by the certificate holders are described in the document "Informationen für Zertifikatinhaber" (in German).
_______________________________________________________________________
Applying for a certificate
Applying for a personal or group certificate is done in two steps:
- Generate the key material and the certificate request via Web interface (Global Certificates → Application/Revocation). At the end of this step the certificate request has to be printed out.
- Transmit the application to Teilnehmerservice at JSC (Dispatch). Attention: In the case of user certificates, a personal authentication at JSC based on an official photo ID of the applicant is required.
For server certificates, the process is described in the Document Information Server Certificates
After the certificate has been generated, the applicant will be notified about the completion by an electronically signed email. This mail contains links that can be used to import the certificate (and the certificates of the certification authorities). The sender and holder of the signature certificate is dfnpki-mailsender-noreply@dfn-cert.de
_______________________________________________________________________
Teilnehmerservice
Located at JSC Dispatch (Building 16.4, Room 201 - Rotunda / Ground floor) Tel: +49 2461 61 5642, Opening hours: Mon - Thu: 09:00 - 11:30 and 13:30 - 16:00, Fri .: 09:00 - 11:30)
The authentication of employees in field offices may also be carried out locally.
Contact at PTJ Berlin: +49 30 20199-460
Contact at PTJ Rostock: +49 381 20356-299
Contact at JCNS (Jülich): +49 2461 61 2498
Contact at IEK-11 Erlangen: +49 9131 85-20843
Contact at IEK-12 Münster: +49 251 83-30008
_______________________________________________________________________
Validity of certificates
FZJ employees have two classes of user and server certificates in the DFN-PKI: Global certificates and Grid certificates.
| Validity | user certificate | server certificate |
| Global | 3 Jahre | 825 days |
| Grid | 1 Jahr | 1 Jahr |
Grid certificates are only used by users and servers in the specific context of grid computing. This second class of certificates is required in addition to the "normal" Global certificates, because certain applications in the Grid environment do not support a hierarchical trust structure.
