Introductory note:
These instructions apply only to employees of the HaW Landshut. Students do not have the option of applying for an S/MIME certificate.
Employees of the university should apply for a digital certificate to sign and encrypt emails. The process for obtaining such a user certificate is described in detail below.
Application:
1. log in to the SSO-Portal log in.
2. click on the „E-mail certificates“ tile.
3.1 [For: Request a new certificate for email signing (personal email address)] Check the details and assign a password for the certificate that follows our general guidelines. [This means that the password must start with an upper/lower case letter, contain at least one digit and one special character (- _ # ! ? : ;). Furthermore, the password must not contain umlauts].
Then click on „Apply“.
3.2 [For: Request a new certificate for a shared mailbox] Use the area provided for this purpose. Note: A certificate for a shared mailbox can be requested if you are authorised to access the mailbox.
Then click on „Request“.
4. the portal displays a message asking you to be patient for a few minutes so that the application can be approved and the certificate created. After approx. 2-5 minutes you should be able to download the certificate from the certificate list. You can access this list via View my certificate list at the top of the website.
5. download the certificate to your certificate list. If you do not yet see a „Download“ button in the list, this means that the request is still in the queue. Try again after a few minutes. A valid certificate has the status „issued“.
This screen opens after clicking on „Download“ and expects the password from step 3.
6. the certificate is downloaded as a file in the following format: <Ihr_Name>.p12. Double-click on this file to start a dialogue that imports the certificate onto your computer.
Further information:
Service IT/the service provider does not save your password used here and will not restore it. If the certificate password is lost, you would have to revoke/cancel the certificate concerned and apply for a new one. Emails encrypted with the certificate you have used can then no longer be decrypted!
According to the current status, the certificate holder is authenticated by the existing employment relationship with Landshut University of Applied Sciences. Further identity checks are not necessary. (Compare: https://doku.tid.dfn.de/de:dfnpki:tcs:usercert#identifizierung_und_dokumentation).
English Version: Sources