Zentraler Informatikdienst

SSL certificates for server

For:   employees

Organisational units at the University of Vienna can equip their servers with SSL certificates via the ZID to establish an encrypted connection between the server and the user’s device. The ZID does not offer any other certificate products.

The IT representatives are mainly responsible for ordering and managing the SSL certificates.

Open certificate portal

Notes

Individual domains registered and operated by the ZID at the request of organisational units automatically receive an SSL certificate and do not require a separate certificate.

Please also note the information on SSL certificates on the service pages Websites and TYPO3 – central CMS.

Requirements

  • Free SSL certificate types are marked accordingly in the certificate portal. Products that are subject to a fee must be paid for by the user.
  • SSL certificates can only be requested by employees who are actively employed with an official email address of the University of Vienna (in the format firstname.lastname@univie.ac.at).
  • SSL certificates can only be issued to domains owned by the University of Vienna. If your domain is currently registered to another owner, you can transfer it to the University of Vienna.
  • No certificates can be issued for domains registered personally to employees or students of the University of Vienna.
  • SSL certificates of the University of Vienna must not be used for commercial purposes.
  • Special regulations may apply for financial transactions.
  • The domain must be hosted with all services on the servers of the University of Vienna. Justified exceptions require approval by the IT Security Team of the ZID.
  • A wildcard certificate for *.univie.ac.at can only be issued in case of special technical reasons. If necessary, choose a multi-domain certificate instead or add a comment to your application for a wildcard certificate, specifying the technical reason.

Requesting an SSL certificate

Notes

Please follow the recommended procedure by the University of Vienna to apply for SSL certificates.

Uploading official identification documents is not required to issue SSL certificates and should therefore be expressly avoided.

  1. Open the certificate portal. Use only the Academic Login to log in. Other login methods are not supported by the ZID.
    If you receive an error message when logging in, use a different web browser or delete your browser’s session data.
  2. Enter univie.ac.at in the search field and select the entry University of Vienna.
  3. You will be automatically redirected to the weblogin of the University of Vienna. Log in with your u:account user ID (example: doejamie1) and the corresponding password.
  4. Click on the Server entry in the menu on the left.
  5. In the Domains tab, you can enter the domains manually.
  6. In the Product tab, select the certificate you want that is marked as Free. You must pay for products that are subject to a fee yourself.
  7. In the Submit tab, upload the CSR file that you previously generated on the server for which the certificate is intended.
  8. The ZID will then review the application and approve itas fast as possible.
  9. You will be notified of the completion via e-mail.
  10. You can then download your certificate in several formats. The ZID recommends downloading in PEM bundle format. This ensures that the complete certificate chain is included. This also supports end devices that do not actively load additional certificates or do not yet have the current Root CA Certificate.

Renewing an SSL certificate

The maximum validity period of a newly issued SSL certificate from the Certificate Service is currently 1 year. If necessary, it can be renewed before the end of its validity period via the Certificate Portal.

From a technical point of view, a certificate is not extended when it is renewed, but reissued.

Support

If you have any questions, please use the Servicedesk form SSL certificate (login, in German).

To top