Secure E-Mail Communication with Fraunhofer
Public Key Infrastructure for Fraunhofer Contacts
Fraunhofer Competence Center PKI

Note: Either your session has expired or cookies are deactivated within the browser. The application's full functionality can only be provided if temporary cookies (session cookies) are activated. To continue, please check the browser's cookie preferences if necessary and click afterwards on the link restart application.

Load Root-Certificate / Revocation List (PKI for Fraunhofer Employees)

In order to establish secure communications, both, external partners and Fraunhofer employees must possess a personal digital certificate. The certificates of communication partners and of Fraunhofer employees are issued by different so-called certification authorities (CAs). Each certification authority owns a certificate as well, which is either issued by the CA itself, or in turn by a parent CA. This way a multi-level CA-hierarchy can be established. It always ends in a self-issued certificate, a so-called root certificate.

To facilitate smooth communication, it is necessary that the communication partners do not only have the respective certificate of his or her partner, but additionally also trust the certificates of issuing CAs up to the respective root certificate. Therefore, it may be necessary to import the (root) certificates of the issuing CAs in your email application.

On this page you have the option of downloading the certificates of the issuing CAs of the PKI for Fraunhofer Employees. Please follow this link for downloading the required root certificate of the PKI for Fraunhofer Contacts.

Certificates for Fraunhofer employees are currently issued by a three-stage Public Key Infrastructure (see also Overview of the Fraunhofer PKI). They are issued by the certification authority Fraunhofer User CA - G02. The Fraunhofer User CA - G02 is in turn certified by DFN-Verein Certification Authority 2, whose certificate is issued by T-TeleSec GlobalRoot Class 2.

In case the root certificate of T-TeleSec GlobalRoot Class 2 has already been installed on your system - this is usually the case -, there is no need to download and install the certificates provided below.

Please refer to our detailed user guide for further assistance regarding the integration of the (root) certificates within your e-mail application.

T-TeleSec GlobalRoot Class 2

Note: This root certificate is already included in many operating systems, applications and browsers. If this is not the case, you can download this certificate below.
Download certificate Download certificate revocation list
Control data for the certificate of T-TeleSec GlobalRoot Class 2:
  • Distinguished Name: CN = T-TeleSec GlobalRoot Class 2, OU = T-Systems Trust Center, O = T-Systems Enterprise Services GmbH, C = DE
  • Issuer: same as distinguished name
  • Validity period: 01.08.2008 - 02.10.2033
  • Fingerprint (SHA-1): 59:0D:2D:7D:88:4F:40:2E:61:7E:A5:62:32:17:65:CF:17:D8:94:E9
  • Fingerprint (SHA-256): 91:E2:F5:78:8D:58:10:EB:A7:BA:58:73:7D:E1:54:8A:8E:CA:CD:01:45:98:BC:0B:14:3E:04:1B:17:05:25:52

DFN-Verein Certification Authority 2

Download certificate Download certificate revocation list
Control data for the certificate of DFN-Verein Certification Authority 2:
  • Distinguished Name: CN = DFN-Verein Certification Authority 2, OU = DFN-PKI, O = Verein zur Foerderung eines Deutschen Forschungsnetzes e. V, C = DE
  • Issuer: CN = T-TeleSec GlobalRoot Class 2, OU = T-Systems Trust Center, O = T-Systems Enterprise Services GmbH, C = DE
  • Validity period: 22.02.2016 - 22.02.2031
  • Fingerprint (SHA-1): E2:24:BE:F6:D7:86:22:0D:26:2B:B8:07:AB:6D:AC:F9:D3:A8:9A:93
  • Fingerprint (SHA-256): F6:60:B0:C2:56:48:1C:B2:BF:C6:76:61:C1:EA:8F:EE:E3:95:B7:14:1B:CA:C3:6C:36:E0:4D:08:CD:9E:15:82

Fraunhofer User CA - G02

Download certificate Download certificate revocation list
Control data for the certificate of Fraunhofer User CA - G02:
  • Distinguished Name: CN = Fraunhofer User CA - G02, OU = Fraunhofer Corporate PKI, O = Fraunhofer, L = Muenchen, S = Bayern, C = DE
  • Issuer: CN = DFN-Verein Certification Authority 2, OU = DFN-PKI, O = Verein zur Foerderung eines Deutschen Forschungsnetzes e. V, C = DE
  • Validity period: 24.05.2016 - 22.02.2031
  • Fingerprint (SHA-1): 0C:BA:47:B8:9E:DD:04:51:EB:CD:DE:9E:8B:6A:8D:72:D5:00:08:D9
  • Fingerprint (SHA-256): 56:2C:BB:CB:DE:BE:EB:3C:B5:59:46:BD:CE:24:8C:A4:A6:23:D2:BA:6E:77:B6:3B:75:4D:3A:57:1F:67:DF:A2