No Email Address in SSL Certificates


The DFN-PKI has informed us (RWTH CA) that:
As of 02.12.2014 20:00 CET, SSL Certificates will be issued without the attribute "email address". Any such email address included in the X.509 CSR (Certificate Signing Request) will be automatically removed before the X.509 SSL Certificate is issued. The change is dictated by the CA/Browserforum. Omission of the email address has no impact on the validity or functionality of the SSL Certificate.

Since the RWTH CA participates in the DFN-PKI as a sub-CA, this change applies automatically to the SSL Certificates issued by the RWTH CA.

If you require further clarifications please write to our IT-ServiceDesk.

Please Note: "email address" in the X.509 CSR or Certificate is not the same as the email address you are required to provide (together with your full name) in the webinterface, where you upload and submit your request to the RWTH CA. This email address is always required in order for you to be able to receive any notifications from the RWTH CA or, for that matter, your certificate.