Service provider Sectigo will stop issuing certificates on 10 January 2025!  [09.12.24]

On 10 January 2025, the service provider Sectigo is expected to stop issuing certificates for all GÉANT TCS customers. This affects a large number of (research) institutions in Europe, including many in Germany, as well as the University of Hohenheim.

The background to this situation is differences between Sectigo and GÉANT with regard to key contractual issues. As things stand at present, it can be assumed that Sectigo will no longer provide its services from this date. GÉANT is already working intensively on finding a new provider, but it is expected that the service will be interrupted for several months until the new provider starts regular operations.

We therefore strongly recommend renewing certificates that expire within the second quarter of 2025 before the end of the year. This will allow sufficient bridging of the transition period until the new service provider is fully integrated and the work processes have been adapted to the new regular operation.

Which certificate types are affected?

  • Server certificates (SSL) - for securing web and server services
  • Personal certificates (S/MIME) - for signing and encrypting emails

What options are there for obtaining a new certificate for servers after 10 January 2025?

  • Early application for a new certificate:
    If you already know that a certificate will be required after this date, you should apply for a new certificate before the end of 2024. This will allow you to bridge the transition period until a new service provider is introduced.
  • Automation via ACME (Automatic Certificate Management Environment) for web servers:
    The implementation of an automation solution via the ACME protocol is ideal for self-administered web servers. As an interim solution, from 10 January 2025 until the new certificate service provider is fully integrated, it is possible to obtain certificates via the provider 'Let's Encrypt'.

What options are there for obtaining a new personal (S/MIME) certificate after 10 January 2025?
Personal (S/MIME) certificates are valid for two years (from the date of issue). If your personal (S/MIME) certificate has an expiry date before the end of the second quarter of 2025, your only option is to renew your (S/MIME) certificate before the end of 2024.

If you have any questions, please contact kim-pki@uni-hohenheim.de


Back to All news


Do you have questions or comments about this site? contact form