Back to “Help for our services”

Help, Instructions, FAQ

Help: Digital signature

A digital signature replaces your manual signature online. With the help of your valid certificate issued by the DFN and the following instructions, you can make your emails and PDFs private.

enlarge the image: Envelope with wax seal
Photo: Colourbox

Erste Schritte

  • The first step and prerequisite for setting up a digital signature is the user certificate.

The user certificate is your digital ID. It is offered via the ‘TCS’ (Trusted Certificate Service) service of the European research network GÉANT and is provided by the external provider Harica.

In order to use the service, the applicant's identity must be successfully verified. This has already been done for the majority of Leipzig University employees. If the identity check has not yet been carried out, you will receive a corresponding notification stating how this can be done.

Log in to the application portal for user certificates with your university login.

Click 1 Once you have successfully logged in to the portal, your data will be displayed automatically. Now select the desired e-mail address for which you would like to generate the certificate.

You must memorise the password displayed for your private key and keep it safe. Please confirm this in the field below. You will need it to integrate the certificate in the respective application. The password cannot be recovered; if it is lost, the certificate must be cancelled and a new one requested.

enlarge the image: Zu sehen ist das Anmeldeportal für Nutzerzertifikate
Picture: University Computing Centre

Click 2 You can now send the certificate request. Once your user certificate has been successfully issued, you will receive an email from the sender address noreply-tcs(at)uni-leipzig.de with information and your user certificate (.p12 file) attached. There may occasionally be delays (up to two working days) in the issuance of the certificate by the provider and the subsequent delivery of the e-mail.

enlarge the image: Zu sehen ist eine E-Mail
Picture: University Computing Centre

Save the certificate file (contains your private certificate key) to your home drive, for example.

Step 1

Click on your ‘.p12’ certificate. Start the process with ‘Next’.

Step 2

Click “Next”.

Step 3

Enter the password of the certificate and tick the marked import options. Then click on ‘Next’.

Step 4

Click “Next”.

Step 5

Continue with ‘Finish’.

Step 6

Finish the process by clicking “OK”.

Step 1

Open the ‘Finder’ and go via ‘Applications’ to “Utilities” to ‘Keychain management’.

Step 2

There, go to ‘My certificates’ via ‘Login’.

Step 3

Now click on ‘File’ in the menu bar at the top of the screen and navigate to ‘Import object ...’.

Step 4

Then navigate to the storage location of your certificate file (.p12) and select it by clicking ‘Open’.

Step 5

You will now be asked to enter the password for the certificate, which is the private key (password) you specified when you requested the certificate.

Step 6

The certificate is now integrated into the system.

Anleitungen

Step 1

Open Outlook and go to ‘File’.

Step 2

Click on ‘Options’.

Step 3

Go to ‘Trust Centre’ and select ‘Trust Centre settings...’.

Step 4

Navigate to ‘Email security’. Check whether the selected fields are ticked. If the boxes were ticked or you have successfully ticked them, click on ‘Import/Export’.

Step 5

Change the hash algorithm from SHA1 to SHA256 and confirm with ‘OK’.
 

Step 6

Close all dialogue windows opened in Outlook with ‘OK’.

You can now check whether the settings are working correctly. Send a new e-mail to your own e-mail address. Check whether the ‘Sign’ option is activated:

This is what an email correctly digitally signed with your certificate looks like in Outlook:

Use multiple certificates

Repeat step 1 to step 4 if necessary.

Click on ‘Select’ for the ‘Signature certificate’.

Under ‘Further options’, you can select which certificate should be actively used from the installed certificates.

Step 1

Go to ‘Settings’ → ‘Data protection & security’ on ‘Manage certificates’.

Step 2

The ‘Certificate management’ dialogue window opens. On the ‘Your certificates’ tab, select the ‘Import’ button.

Now select ‘Your certificate file’ and confirm with ‘Open’.

When opening the personal certificate file, the password that you assigned when saving the certificate is requested.

Step 3

Then go to ‘Certification Authorities’, search for ‘DFN-Verein Certification Authorithy 2’, click on it and select ‘Edit trust’.

Step 4

Make sure that both trust settings are ticked.

Confirm the process with ‘OK’ and close the certificate management.

Step 5

Switch to the ‘Account settings’ → ‘End-to-end encryption’.

Now select your certificate and make sure that ‘Add your own digital signature by default’ is ticked.

Step 6

Now you can digitally sign your e-mails.

The basic configuration of Adobe Reader is pre-installed on all computers in the domain.

Step 1

Go to ‘Settings’ under “Editing” and then to the left tab under ‘Signatures’.

Step 2

Under ‘Signatures’ → ‘Creation and appearance’, go to ‘More’. A new window will now open. Among these, select ‘Appearance’ → ‘New’ from.

Step 3

Now enter your name in the ‘Title’ field, select ‘Imported graphic’ and upload the university logo. Click on ‘Okay’ to finalise the step.

 

To the logo download
PDF 71 KB

Step 4

Your signature is now set up and can be used.

Step 1

Select the ‘Tools’ category or ‘More tools’ as highlighted in red.

Step 2

Open the ‘Certificates’ section.

Step 3

Select ‘Sign digitally’, read(!) and confirm the information dialogue with OK and follow the instructions accordingly:

The document should then look like this with the correct signature (the design can be customised):

Step 1

When you have opened Word, go to Insert and then to Signature line.

Step 2

Under Signature line, go to Microsoft Office signature line.

Step 3

Now a window opens where you enter your name, your position and your e-mail address and then click on okay.

Step 4

Now a signature field has been created and make a double click on the window.

Step 5

Now you must save the file.

Step 6

Enter your name here again and make sure that under Issued by: ‘DFN-Verein Global Issuning CA’ if not go to Change and select the correct certificate as under point 7.

Step 7

Now select the certificate where the issuer is the: ‘DFN-Verein Global Issuing CA’ and click on ‘OK’, then click on Sign as in point 6.

Step 8

You must now confirm the signature. You can no longer edit the file otherwise remove your signature.

Step 9

If everything has worked correctly, your signature should look something like this.

FAQ

User certificates are issued with a validity period of 2 years.

  • Digital signature of e-mails
  • Encryption of e-mails
  • Authentication against systems/servers

If you have further questions or need help with digital signatures, please follow the link:

To Digital Signature

If you require a group certificate, please contact nutzerzertifikat@uni-leipzig.de

Your user certificate is an identification document that must be protected from access by other people. The URZ therefore offers you the following recommendation from Cryptomator for secure storage.

Encrypting files with Cryptomator

The URZ recommends the ‘Cryptomator’ tool for encrypting files, as it is an open source-based encryption programme.

  • It offers the option of storing encrypted files in a cloud so that even the cloud is no longer able to read these files.
  • By creating encrypted vaults, it is possible to store your data securely in your drive.

The URZ has created detailed instructions for you

DATa encryption with CRYPTOMATOR