Back to Home
  • FAQs
  • CONTACT US
  • SITEMAP
  • COOKIE POLICY
  • GEANT GATEWAY
  • About GEANT
    • Partners
      • NREN Development and Support
    • Governance and Management
      • Partners' Assembly
      • Executive Board
    • Activities
    • European e-Infrastructure
      • Europe 2020 and GEANT
      • GEANT Expert Group
      • Women in ICT
    • Value of GEANT
      • History of GEANT
  • Network
    • The Network
    • Network Operations
      • Operations Teams
      • Operations Centre
      • Network Security
    • Global Connectivity
      • Global Connectivity: The Benefits
      • Global Connectivity: World Regions
      • Global Users and Applications
      • How to Connect to the network
      • Global Service Collaboration
    • Research and Education Networks
    • Campus Best Practice
    • Environmental Impact
      • Carbon accounting
      • Adopting a Greener Corporate Outlook
      • Events & Case Studies
      • Sustainability Policy
  • Innovation
    • Research Programmes
      • Network Architectures for Horizon 2020
      • Technology Testing for Specific Service Applications
      • Identity and Trust Technologies for GEANT Services
    • Testbeds
    • Foresight
    • Open Call
    • Standards
  • Services
    • Connectivity Services
      • GEANT IP
      • GEANT L3VPN
      • GEANT Plus
      • GEANT Lambda
      • GEANT Open
      • GEANT Bandwidth on Demand
      • GEANT Testbeds Service
    • Network Performance Services
      • perfSONAR
      • eduPERT
      • GEANT Security
      • GEANT Framework
    • User Access and Applications
      • eduroam
      • eduGAIN
      • eduPKI
      • eduCONF
    • Cloud Services
    • Services Registration Authority
      • SSL Certificates
      • Request a Certificate
    • Namespace Registry
      • urn:geant Registry
      • URN: FAQs
      • URN: Request Form
      • geant.net/uri Registry
    • Training
      • Geant Showcase
  • Users
    • Health and Medicine
      • DECIDE
      • neuGRID
      • OutGRID
      • Sim-e-Child
      • TEMDEC
      • ITHANET
      • EMBL-EBI
    • Energy
      • CAREN
      • ITER
    • Earth Observation
      • PAGASA
      • EMSA
      • CAREN glaciers
      • TIGGE and GEANT
      • THEOS and GEANT
    • Particle Physics
      • LHCOPN
      • LHCONE
      • BELLE II and GEANT
    • Space
      • GEANT and ORIENTplus
      • EXPReS Project
      • NEXPReS
    • Society
      • Sichuan earthquake
    • Arts and Education
      • ShanghAI Lectures
      • LOLA
      • ASTRA Project
      • perfSONAR MDM
      • Opera Oberta
      • e-Education
    • Horizon 2020
    • User Advisory Committee
    • User Support
    • User Posters
  • News & Events
    • News
      • News Archive - 2013
      • Press coverage
    • Events
      • TNC 2015
    • CONNECT magazine
      • Archived Issues
    • Representing GEANT
    • Press Kit
    • Follow Us
  • Resources
    • Deliverables
    • Open Call deliverables
    • White Papers
    • Knowledge Sharing
    • Media Library
      • GEANT Case Studies
      • GEANT Media Library: Project videos
      • GEANT Media Library: Interviews
      • GEANT Showcase Presentations
      • GEANT Media Library: Audio
      • GEANT Media Library: Maps
      • GEANT Media Library: Brochures
      • GEANT Media Library: Presentations
      • User Posters
    • Partner Resources
      • Exhibition Stands
      • Image Library
    • Intellectual Property
  • Open Call
    • About
    • Applications and Tools
    • Authentication
    • Network Architecture and Optical Projects
    • Software Defined Networking
    • Videos

BA Test
Cloud Services
Connectivity Services
Namespace Registry
Network Performance Services
Services Registration Authority
Training
User Access and Applications

Steps to Request Certificate

In order to request and be issued a GÉANT's Multi-Domain Network Services certificate; three steps have to be performed by the server/machine administrator. They are explained below: 

 

1. Authentication

We need to perform some type of identity vetting on you to be able to authenticate a certificate application send by you. The GÉANT Multi-Domain Network Services RA currently supports two ways of identity vetting; you can choose either of the two:

1) TCS Personal Certificates
If you are in possession of a TCS Personal Certificate or a TCS Personal eScience Certificate, you can use this in step 3 to send us a signed email (S/MIME) with the certificate application form (PDF) attached.

​2) PGP/GPG signature
If you have a PGP/GPG key, please make sure that the key is signed by SA2 RAs PGP signing key, and is available on commodity PGP key-servers. You can then use this in step 3 to send us a signed email with the certificate application form (PDF) attached.

​2. Authorisation

Please check GÉANT Multi-Domain Network Service Administrator Registry (GÉANT Intranet) to make sure that your email address is listed as an administrator of a GÉANT Multi-Domain Network Service.

If your name is not listed on the registry and you would like to request a certificate please contact RAs via email mds-edupki-ra@geant.net

The GÉANT Multi-Domain Network Services RA will only issue certificates that are requested by administrator that have a contact email address listed in the registry.

The profiles you request for your certificate must also match your entry in the registry.

  • If you are listed as an AutoBAHN administrator your certificate will be allowed to carry one of the AutoBAHN profiles.

  • If you are listed as a cNIS administrator, your certificate will be allowed to carry one of the cNIS profiles.

  • If you are listed as an I-SHARe administrator, your certificate will be allowed to carry one of the I-SHARe profiles.

  • If you are listed as a perfSONAR administrator, your certificate will be allowed to carry one of the perfSONAR profiles.

  • If you are listed under a combination of GÉANT's Multi-Domain Network Services, the certificate will be allowed to carry any of those combination's profiles.

  • If you are listed under all of GÉANT's Multi-Domain Network Services, the certificate will be allowed to carry one the general purpose profiles.

3. Certificate request

Please navigate to the eduPKI CA interface and open the Multi-Domain Network Services Certificate Request Generator (eduPKI CA).

​Contact Data
These fields must match your registered data in the GÉANT Multi-Domain Network Service Administrator Registry (see step 2 above).

​Certificate profile
Your selection must be consistent with your registered data in the GÉANT Multi-Domain Network Service Administrator Registry (see step 2 above).

Organisation
eduPKI CA only issues certificates to legal entities. If your GÉANT Multi-Domain Network Service installation is only in a department of a legal entity, remember to fill in your parent organisation's entity's name.

 

After submitting the form in the Certificate Request Generator, it will generate a cryptographic key pair (a private key and the matching public key) locally on your system and you will be asked to save that private key into a directory together with the generated certificate application form in PDF format.

Please send the PDF form (and only the PDF form) via a signed email (as per the requirements in step 1) to mds-edupki-ra@geant.net. The email signature must be for the email address that is in the certificate application and is registered for you in the GÉANT Multi-Domain Network Service Administrator Registry.

The eduPKI GÉANT Multi-Domain Network Services RA personnel will verify that the request is in order and will issue your certificate as quickly as possible. The verification procedure includes human processing and is not instant, please allow for a few business days to process.

  • GEANT
  • EU flag
  • European Commission Communications Networks, Content and Technology
  • Copyright
  • Credits
  • Legal