Here you will find information and instructions on how to apply for and set up a user certificate.
Individual user certificates are offered via the "TCS" (Trusted Certificate Service) service of the European research network GÉANT and provided by the external provider Sectigo. Individual steps of the certificate application and creation are carried out on the provider's website. The menu language there is English.
First Steps
In order to use the service, the applicant's identity must be successfully verified. This has already been done for the majority of Leipzig University employees. If the identity check has not yet been carried out, you will receive a corresponding message with details of how this can be done.
Log in to the preview portal with your university login.
Click 1 Select the e-mail address to be certified. Once you have successfully logged in to the portal, your data will be displayed automatically. Now simply select the university e-mail address for which you would like to generate the certificate.
Click 2 You can now send the certificate request. You will receive a German-language e-mail from the University Computer Centre with a link to start the application process with the external provider Sectigo. There may occasionally be delays (possibly up to two working days) in the delivery of the e-mail, as the provider is often working on the provision of the service website.
Call up the link from the e-mail you received from the URZ to start the application process. You can decide for yourself when you want to carry out this step. There is no time limit.
The link opens the Sectigo certificate manager. Authenticate yourself by entering the e-mail address for which you are requesting the certificate.
You will then receive an e-mail in English (there may also be a delay here) with an access link for the next step in the certificate manager. Note: the email is sent by the sender support(at)cert-manager.com and has the subject "[External] Your Email Confirmation Request".
You now have 60 minutes to call up the "Confirm Authentication Request" link generated for you in the Sectigo e-mail and create the certificate. This link is only for you personally and may not be shared. If the time has elapsed, you can restart the step by calling up the link from the URZ e-mail (step 2).
An input mask will open with details of the certificate to be generated. Changes at this point have no effect. Confirm the provider's EULA and send the request.
In the next screen, you must select the encryption. The URZ recommends setting the value to "Compatible TripleDES-SHA1". The preselected method is currently still causing difficulties with some operating systems, which is why we do not recommend it at the moment.
The certificate is now generated. This takes place locally on your computer and can take several minutes. Do not cancel the certificate creation under any circumstances, otherwise you will have to repeat the entire application process.
Make a note of the password you have assigned for the certificate! It is only known to you and will be needed later to use the certificate. Save the resulting certificate file (with the private certificate key) on a secure storage medium.
Instruction
Step 3
Now click on "File" in the menu bar at the top of the screen and navigate to "Import object ...".
Step 4
Then navigate to the storage location of your certificate file (.p12) and select it by clicking "Open".
Step 5
You will now be asked to enter the password for the certificate, which is the private key (password) you specified when you requested the certificate.
