Secure E-Mail Communication with Fraunhofer
Public Key Infrastructure for Fraunhofer Contacts
Fraunhofer Competence Center PKI

Note: Either your session has expired or cookies are deactivated within the browser. The application's full functionality can only be provided if temporary cookies (session cookies) are activated. To continue, please check the browser's cookie preferences if necessary and click afterwards on the link restart application.

Load Root-Certificate / Revocation List (PKI for Fraunhofer Employees)

In order to establish secure communications, both, external partners and Fraunhofer employees must possess a personal digital certificate. The certificates of communication partners and of Fraunhofer employees are issued by different so-called certification authorities (CAs). Each certification authority owns a certificate as well, which is either issued by the CA itself, or in turn by a parent CA. This way a multi-level CA-hierarchy can be established. It always ends in a self-issued certificate, a so-called root certificate.

To facilitate smooth communication, it is necessary that the communication partners do not only have the respective certificate of his or her partner, but additionally also trust the certificates of issuing CAs up to the respective root certificate. Therefore, it may be necessary to import the (root) certificates of the issuing CAs in your email application.

On this page you have the option of downloading the certificates of the issuing CAs of the PKI for Fraunhofer Employees. Please follow this link for downloading the required root certificate of the PKI for Fraunhofer Contacts.

Certificates for Fraunhofer employees are currently issued by two different three-stage Public Key Infrastructures (see also Overview of the Fraunhofer PKI). They are either issued by the certification authority Fraunhofer User CA - G01 or Fraunhofer User CA - G02.
The certificate of Fraunhofer User CA - G01 is in turn issued by DFN-Verein PCA Global - G01 whose certificate is issued by Deutsche Telekom Root CA 2. The Fraunhofer User CA - G02, on the other hand, is certified by DFN-Verein Certification Authority 2, whose certificate is issued by T-TeleSec GlobalRoot Class 2.

In case the root certificates of Deutsche Telekom Root CA 2 and T-TeleSec GlobalRoot Class 2 have already been installed on your system - this is usually the case -, there is no need to download and install the certificates provided below.

Please refer to our detailed user guide for further assistance regarding the integration of the (root) certificates within your e-mail application.

Deutsche Telekom Root CA 2

T-TeleSec GlobalRoot Class 2

Note: This root certificate is already included in many operating systems, applications and browsers. If this is not the case, you can download this certificate below. Note: This root certificate is already included in many operating systems, applications and browsers. If this is not the case, you can download this certificate below.
Download certificate Download certificate revocation list Download certificate Download certificate revocation list
Control data for the certificate of Deutsche Telekom Root CA 2:
  • Distinguished Name: CN = Deutsche Telekom Root CA 2, OU = T-TeleSec Trust Center, O = Deutsche Telekom AG, C = DE
  • Issuer: same as distinguished name
  • Validity period: 09.07.1999 - 10.07.2019
  • Fingerprint (SHA-1): 85:A4:08:C0:9C:19:3E:5D:51:58:7D:CD:D6:13:30:FD:8C:DE:37:BF
Control data for the certificate of T-TeleSec GlobalRoot Class 2:
  • Distinguished Name: CN = T-TeleSec GlobalRoot Class 2, OU = T-Systems Trust Center, O = T-Systems Enterprise Services GmbH, C = DE
  • Issuer: same as distinguished name
  • Validity period: 01.08.2008 - 02.10.2033
  • Fingerprint (SHA-1): 59:0D:2D:7D:88:4F:40:2E:61:7E:A5:62:32:17:65:CF:17:D8:94:E9
  • Fingerprint (SHA-256): 91:E2:F5:78:8D:58:10:EB:A7:BA:58:73:7D:E1:54:8A:8E:CA:CD:01:45:98:BC:0B:14:3E:04:1B:17:05:25:52

DFN-Verein PCA Global – G01

DFN-Verein Certification Authority 2

Download certificate Download certificate revocation list Download certificate Download certificate revocation list
Control data for the certificate of DFN-Verein PCA Global - G01:
  • Distinguished Name: CN = DFN-Verein PCA Global - G01, OU = DFN-PKI, O = DFN-Verein, C = DE
  • Issuer: CN = Deutsche Telekom Root CA 2, OU = T-TeleSec Trust Center, O = Deutsche Telekom AG, C = DE
  • Validity period: 22.07.2014 - 10.07.2019
  • Fingerprint (SHA-1): F4:C5:38:C3:BB:99:4F:13:F8:FD:C2:40:B6:79:A6:4B:19:34:A1:B5
  • Fingerprint (SHA-256): 4D:BD:93:C9:C8:60:1C:B6:44:A8:A8:83:0C:CD:AB:B3:68:E7:81:EA:E4:8C:FD:1F:F5:3E:CC:45:F5:36:39:81
Control data for the certificate of DFN-Verein Certification Authority 2:
  • Distinguished Name: CN = DFN-Verein Certification Authority 2, OU = DFN-PKI, O = Verein zur Foerderung eines Deutschen Forschungsnetzes e. V, C = DE
  • Issuer: CN = T-TeleSec GlobalRoot Class 2, OU = T-Systems Trust Center, O = T-Systems Enterprise Services GmbH, C = DE
  • Validity period: 22.02.2016 - 22.02.2031
  • Fingerprint (SHA-1): E2:24:BE:F6:D7:86:22:0D:26:2B:B8:07:AB:6D:AC:F9:D3:A8:9A:93
  • Fingerprint (SHA-256): F6:60:B0:C2:56:48:1C:B2:BF:C6:76:61:C1:EA:8F:EE:E3:95:B7:14:1B:CA:C3:6C:36:E0:4D:08:CD:9E:15:82

Fraunhofer User CA - G01

Fraunhofer User CA - G02

Download certificate Download certificate revocation list Download certificate Download certificate revocation list
Control data for the certificate of Fraunhofer User CA - G01:
  • Distinguished Name: CN = Fraunhofer User CA - G01, OU = Fraunhofer Corporate PKI, O = Fraunhofer, L = Muenchen, S = Bayern, C = DE
  • Issuer: CN = DFN-Verein PCA Global - G01, OU = DFN-PKI, O = DFN-Verein, C = DE
  • Validity period: 12.05.2014 - 06.07.2019
  • Fingerprint (SHA-1): E2:B2:0E:AF:15:EC:4D:A5:D5:92:5D:71:FF:9D:82:D7:95:BE:36:4D
  • Fingerprint (SHA-256): D3:BD:D2:C6:7C:AF:6D:0B:F7:9F:4C:1E:9D:78:A9:71:39:85:42:F4:07:98:4B:22:A4:0F:C2:56:16:BF:5D:A6
Control data for the certificate of Fraunhofer User CA - G02:
  • Distinguished Name: CN = Fraunhofer User CA - G02, OU = Fraunhofer Corporate PKI, O = Fraunhofer, L = Muenchen, S = Bayern, C = DE
  • Issuer: CN = DFN-Verein Certification Authority 2, OU = DFN-PKI, O = Verein zur Foerderung eines Deutschen Forschungsnetzes e. V, C = DE
  • Validity period: 24.05.2016 - 22.02.2031
  • Fingerprint (SHA-1): 0C:BA:47:B8:9E:DD:04:51:EB:CD:DE:9E:8B:6A:8D:72:D5:00:08:D9
  • Fingerprint (SHA-256): 56:2C:BB:CB:DE:BE:EB:3C:B5:59:46:BD:CE:24:8C:A4:A6:23:D2:BA:6E:77:B6:3B:75:4D:3A:57:1F:67:DF:A2