16 October 2023 - IT Security New Process for Requesting an S/MIME Certificate

The University Computing Centre (URZ) is now offering a new, simplified process for requesting S/MIME certificates. By using these S/MIME certificates, every employee can sign their emails digitally thereby verifying that they are the legitimate sender of a message. As part of the application process, the applicant's identity will be verified (with a personal identification document). Going forward, applications can be submitted in a user-friendly and simple manner via a university portal.

Previously, applying for the certificates had to be done on the German Research Network's (DFN) website. Effective immediately, you can easily submit the application via the linked university CertMine portal, making the process more user-friendly.

Certificates are not only for personal email addresses but also for functional email addresses. The process for applying for a certificate is explained in the linked how-to.

Why do I need a digital S/MIME signature?

Information security affects every user. Technological solutions are no substitute for being aware of possible fraud attempts such as phishing or social engineering, and having an informed, critical attitude. S/MIME digital signatures provide authentication of the sender's identity and thus offer effective protection, e.g. against phishing attacks.

Are spam, phishing and social engineering foreign words to you? You can find further information about IT security in the linked page.

Protect your email exchanges with a personal certificate

An S/MIME user certificate is a person-specific digital identity which has been authenticated by the URZ. For this reason, employees must provide proof of identification when applying for the certificate at the URZ. The IT service can also perform the identity check in a video call. Personal digital certificates are used not only to confirm the authenticity of one's communication partner but also to transmit signed and encrypted information.

Without security measures, emails and the information in them can be easily viewed and forged, much like a postcard. With over 100,000 incoming and outgoing emails per day at our university, it is essential to minimize this risk as much as possible. A simple and reliable method to protect yourself and others from falsified emails is to use S/MIME certificates.

S/MIME is an acronym and stands for Secure/Multipurpose Internet Mail Extensions. This technology has been an established standard since 1995, and it is operating system independent. With S/MIME, every user can digitally sign their emails, thereby verifying themselves as the legitimate sender of the message.

To digitally sign your emails, transfer the certificate file to your email client. The valid digital signature will be displayed to the recipient directly within their email client. This assures your contacts that the email has unmistakably been sent by you. (See screenshot)

Screenshot digital signature with S/MIME certificate