RBG User-Certificates

This describes how to apply for and install the RBG certificate.

• RBG User-Certificates
  • 0. General Information on TUM Informatics and Mathematics Certificates
  • 1. Where and how do I request a certificate?
  • 2. How do I request for certificates?
  • 3. How long is the certificate valid and how do I renew it?
  • 4. FAQ
    • My certificate is in .pem format, but my programm only accepts .p12 format. What should I do?

0. General Information on TUM Informatics and Mathematics Certificates

After a certificate has been activated, you can find it on ssp.rbg.tum.de.

With a certificate you can visit certain websites or even send and read encrypted E-Mails. The certificate can also be used to digitally sign files.

For the installation the passphrase is needed, since the certificate is encrypted. After getting your passphrase, your certificate can be found on ssp.rbg.tum.de

Note: The certificate that is downloaded via SSP is a .pem file. This file is not recognized by some programs (e.g. Outlook). To make your certificate 'recognizable', look in Chapter 4.

1. Where and how do I request a certificate?

employees, guests and students of the faculties of Mathematics and Informatics can request the certificate via ssp.rbg.tum.de

2. How do I request for certificates?

Click on ssp.rb.tum.de on Login at the top left. 

Log in with in.tum-Kennung@in.tum.de or ma.tum-Kennung@ma.tum.de (for employees of the Faculty of Mathematics)

Select the Certificate option on the left. 

In the next step, select Standard mode and click on Apply.

Then click Continue. Next you will see the passphrase of the certificate.

So there you have it Certificate applied for. You will receive an email shortly. Next, save the passphrase and click Continue again. 

When the certificate has been created, you will receive the following email.

Then you can download the certificate with the private key in the SSP.

You can find more information about certificates on our wiki page : https://xwiki.rbg.tum.de/bin/view/Informatik/Benutzerwiki/Zertifikate#Zertifikate

3. How long is the certificate valid and how do I renew it?

The certificate is valid for approximately one year from the expiry date of the old certificate. Before the validity expires, you will usually be notified by e-mail.

If the certificate expires, you can apply for a new certificate via the SSP Portal ssp.rbg.tum.de.

Note: The certificate that is downloaded via SSP is a .pem file. This file is not recognized by some programs (e.g. Outlook). To make your certificate 'recognizable' have a look at Chapter 4.

4. FAQ

My certificate is in .pem format, but my programm only accepts .p12 format. What should I do?

The certificate you have downloaded from the Self-Service Portal (ssp.rbg.tum.de) is in .pem format and some client programs do not support it. This problem is easily solved. All you have to do is find a program that accepts .pem files. Firefox is one of them, and since it is widespread, we'll assume that Firefox is being used for this guide.

Now to the real issue: 

1) Make sure your old expired certificate is installed in Firefox. If it is not already installed there, you will have to export the old certificate from another application and import it in Firefox. How to export a certificate can be found in our Wiki-Anleitung.

2) Import the new certificate (.pem-file) in Firefox. You can find out how to install a certificate here.

3) Export the new certificate from Firefox.

Voilà! Now you have a new .p12 file, which can be imported into other programs as usual.

Note: Please be aware that when importing the new .p12 file, you must change the settings for it as usual. In particular, you must also adjust the account settings for Thunderbird. You have to select the new certificate under Account Settings -> End-to-End Encryption -> S/MIME.
You can use this guide for reference.

If you encounter some problem, contact: rbg@in.tum.de