Heidelberg University
University Computing Centre Heidelberg logo

15 January 2016 - IT security New features for server certificates in the CertMine portal

The university's certificate portal has been expanded: it now supports the automated procurement and renewal of certificates via the ACME protocol. This makes the issuance of server certificates easier, faster, and less prone to errors. The expansion makes it easier for administrators and IT officers to securely operate web services and servers within the university.

A hand holding a key against a background with a digital lock

Our IT security experts have equipped CertMine with new functionalities. This expansion enables IT officers to automate the entire lifecycle of certificates—from creation and renewal to revocation. In addition, several new features have been implemented that simplify certificate management in workgroups within institutions.

Automatically to new certificates 

Two options are now available in CertMine for renewing certificates: one is via the standardized ACME protocol, and the other is an automatic renewal of existing certificates that we have set up.

With ACME: ACME (Automatic Certificate Management Environment) is a standardized protocol that enables the automatic issuance, renewal, and revocation of digital certificates (such as TLS/SSL). This greatly simplifies the management and integration of certificate services in server and web applications.

The advantages at a glance:

  • Time savings: The administrative workload for administrators is significantly reduced.
  • Automation: Certificates can be issued, renewed, and installed without manual requests.
  • Error reduction: Automated processes prevent typical input errors and reduce the risk of certificates expiring.
  • Security: Regular and timely renewals increase IT security; certificates always remain up to date. 

Automatic renewal: All existing certificates and all newly requested certificates without ACME will now be automatically renewed two weeks before expiration. Administrators will receive an informational email four weeks before expiration.

Less effort and convenient management 

In addition to ACME, the following new, convenient functions are now available in the certificate portal: 

  • Extension of certificates (manual and automatic)
  • Revocation of certificates
  • Manage certificates together
  • Easily transfer certificates, e.g., when personnel changes occur
  • Info emails about certificates to the entire administrator group

There will be no changes to the application process for S/MIME certificates for secure email communication, which are relevant for all employees.

Deutsch

Contact