In order to establish secure communications, both, external partners and Fraunhofer employees must possess a personal digital certificate. The certificates of communication partners and of Fraunhofer employees are issued by different so-called certification authorities (CAs). Each certification authority owns a certificate as well, which is either issued by the CA itself, or in turn by a parent CA. This way a multi-level CA-hierarchy can be established. It always ends in a self-issued certificate, a so-called root certificate.
To facilitate smooth communication, it is necessary that the communication partners do not only have the respective certificate of his or her partner, but additionally also trust the certificates of issuing CAs up to the respective root certificate. Therefore, it may be necessary to import the (root) certificates of the issuing CAs in your email application.
On this page you have the option of downloading the certificates of the issuing CAs of the PKI for Fraunhofer Employees. Please follow this link for downloading the required root certificate of the PKI for Fraunhofer Contacts.
Certificates for Fraunhofer employees are currently issued by a three-stage Public Key Infrastructure (see also Overview of the Fraunhofer PKI). They are issued by the certification authority Fraunhofer User CA - G02. The Fraunhofer User CA - G02 is in turn certified by DFN-Verein Certification Authority 2, whose certificate is issued by T-TeleSec GlobalRoot Class 2.
In case the root certificate of T-TeleSec GlobalRoot Class 2 has already been installed on your system - this is usually the case -, there is no need to download and install the certificates provided below.
Please refer to our detailed user guide for further assistance regarding the integration of the (root) certificates within your e-mail application.
New certificates for Fraunhofer employees have been issued from the so-called DFN-Association Community PKI since September 2023. Although this public key infrastructure (PKI) - like the one previously used - is also operated by DFN-Verein, it no longer enjoys global recognition and automatic trust in operating systems and applications.
For Fraunhofer communication partners, the relevant certificates from this PKI are the DFN Community Root CA 2022 and the Fraunhofer User CA 2022, which issues the new certificates for Fraunhofer employees (see also Hinweise zur Fraunhofer DFN Community PKI 2022).
DFN-Verein Community Root CA 2022 |
Download certificate Download certificate revocation list |
Control data for the certificate of DFN-Verein Community Root CA 2022:
|
Fraunhofer User CA 2022 (DFN-Verein) |
Download certificate Download certificate revocation list |
Control data for the certificate of Fraunhofer User CA 2022:
|
T-TeleSec GlobalRoot Class 2 |
Note: This root certificate is already included in many operating systems, applications and browsers. If this is not the case, you can download this certificate below. |
Download certificate Download certificate revocation list |
Control data for the certificate of T-TeleSec GlobalRoot Class 2:
|
DFN-Verein Certification Authority 2 |
Download certificate Download certificate revocation list |
Control data for the certificate of DFN-Verein Certification Authority 2:
|
Fraunhofer User CA - G02 |
Download certificate Download certificate revocation list |
Control data for the certificate of Fraunhofer User CA - G02:
|