The PKI certificate management service supports customers in purchasing, administration, storage and roll-out of various types of certificates. A high level of automation and user guidance obviously simplifies certificate handling.
The current focus is on user certificates for mail signatures and mail encryption, machine certificates for authentication on the network, and TLS/SSL certification for secure identification and encrypted communication with servers of ETH.
Handling certificates is partly very complex. Automation, user guidance and central storage of all certificates can result in an enlarged use of certificates, since end users can mostly manage their certificates without the assistance of the support group. This is especially interesting for user certificates because of they represent personal identity.
Increased use of certificates will enhance security at ETH. First, through improved authentication of machines in the ETH network and two-factor authentication in the VPN area. Second, by signature and if necessary encryption of mails of ETH members and organisational units.
Customer Groups / Cost
Purchase of user and TLS/SSL certificates from QuoVadis and DigiCert is free of charge for ETH members. IT Services bear the costs. In the event of disproportionate use or misuse, the IT Services reserve the right to charge the costs.
ETH employees can:
ETH employees and students can: