RWTH Aachen University has a new certificate provider. The Greek certification authority HARICA (Hellenic Academic & Research Institutions Certification Authority) is taking over the issuance of public-key certificates. This means that S/MIME certificates can be requested in the RA-Portal again from April. The previous certificate provider, Sectigo, terminated its contract on January 10, 2025.
However, not much will change for users, as the interface and use of the RA-Portal will remain the same. The only thing to keep in mind is that the root certificates of DFN, Sectigo and now HARICA must be added manually in Adobe Acrobat and marked as trusted. In addition, user certificates may no longer contain special characters such as umlauts, so that names such as “Jürgen Müller” are automatically transcribed as “Juergen Mueller”. In the RA-Portal, you can now also select whether the certificate should contain the full first name or the name stored in the RWTH Selfservice.
Those administering the servers must implement the new HARICA TLS chain. The two HARICA TLS root certificates are already preinstalled on all common browsers.
Valid Sectigo or DFN user certificates remain valid until their expiry date. After that, new user certificates (S/MIME) can be issued via the RA-Portal (and through HARICA).
Further information on the conversion of the certification authority can be found on the IT Center Blog. Instructions for applying for and using user or server certificates can be found on IT Center Help.