Apply for server certificates (HARICA)

To create a server certificate via Harica, first log in to the browser at
https://cm.harica.gr/login.

On the login page, select "Academic Login".

Select the University of Kassel from the list.

If it is not displayed immediately, you can search for it using the search bar.

You will now be redirected to log in with your UniAccount and the corresponding password.

After this step, you are logged in and can apply for a server certificate on the website.

As soon as you have completed the registration, you can select the "Server" button on the left-hand side of the dashboard under the "Certificate Request" tab.

In the window that now opens, enter the information about the desired server certificate in the next steps.

The "Friendly Name" is optional (here, for example, "Webserver Universitaet Kassel").

Under "Add domains", enter the name of the server (in this case "webserver.uni-kassel.de"). If there are alternative names for the server, you can add these by clicking on "+ Add more domains" (here "meinwebserver.uni-kassel.de").

Then click on "Next".

In the next step, please select the option "For enterprises or organizations (OV)" under "type of your certificate" (pay attention to the correct addition in brackets!) and click on "Next".

Now confirm your selection with another click on "Next".

You can also confirm the information about the organization by clicking on "Next", as this is provided by the registration.

Under the overview for the application, check the box for approval before clicking on "Next".

If you want to generate a CSR automatically, first click on "Auto-generate CSR".

You will now be asked for several details:

• The encryption algorithm and the corresponding key size
• Set and repeat a password
• Check both boxes

Then you can click on "Generate Private Key, CSR, and submit order" to complete the process.

To download your private key, please click on "Download".

The private key will now be saved in the download folder of your PC as privateKey.pem.

If the download of the private key has been completed without errors, you can check the box and confirm the download and return to the overview by clicking on "Go back to dashboard".

Back in the dashboard, you will now see the certificate request, which must now be approved by one of the authorized persons in the ITS.

If you want to upload a self-generated CSR, first click on "Submit CSR manually".

Now copy the content of your CSR and paste it into the dialog box that opens.

Then check the box and complete the process with "Submit request".

After the certificate has been approved, you will receive an email from Harica.

Click on the link to the "Dashboard" contained in the email and log in to the website again.

You will now see your approved certificate in the dashboard.

Click on the download icon to download the certificate.

The certificate can be downloaded in various file formats.

We recommend choosing "PEM-bundle". This contains the actual certificate and the certificate chain.

When downloading the certificate, the browser may report that the page is not responding.
Click away the error using the "Wait" button until the download is complete.