Go to main menu, to content, to homepage, to myHSHL

Your location: HSHL » Studying » Information about your studies » Information for your first semester at HSHL » WI-FI and Root Certificates

WI-FI and Root Certificates

To use various HSHL IT services, such as the university's Wi-Fi, it is necessary to install root certificates on the devices being used. These certificates help ensure, for example, that your device is actually connecting to the official HSHL Wi-Fi network and not to a “fake Wi-Fi” (attacker SSID) pretending to be the HSHL network. By taking this measure, you are not only protecting the university's data but, more importantly, your own user data from phishing attacks.

Root certificates form the foundation of a digital certificate system and are issued by a trusted certification authority. You can think of them in simple terms as a seal on a sealed letter, indicating that the letter is trustworthy.

Important: These certificates must be installed separately on each device. Please ensure that your device trusts the university’s systems and verifies the identity of the authentication servers (e.g., during the initial connection to the Wi-Fi).

For using the Wi-Fi: Please connect to the "HSHL" network (applies to both staff and students). This ensures that you are securely connected to the official HSHL Wi-Fi and can access e-books and other university systems without the need for an additional VPN (unlike when using Eduroam or private networks).

Root Certification Installation Guide

Windows 10

  • Download the root certificate HshlRootCa01-R1.crt by clicking the link provided above.
  • Open the downloaded file by double-clicking it.
  • Please first verify that the certificate is indeed HshlRootCa01-R1.

Now proceed as follows:

  • Click "Install Certificate…" → select "Current User" as the store location → click "Next" → select “Automatically select the certificate store based on the type of certificate” → click "Next" → confirm the settings by clicking "Finish".
    → The certificate is now installed. Confirm with "OK".

For the Sectigo root certificate: AAACertificateServices.cer, follow the same installation procedure.

Android

  • Download the root certificate HshlRootCa01-R1.crt by clicking the link provided above or use the QR-Code below.
  • Open Settings (gear icon).
  • Use the search bar at the top right to search for "certificate" in order to navigate to the certificate settings.
  • Confirm the privacy warning by tapping "Install anyway".
  • You will now be prompted to enter your device’s screen unlock code – please enter it.
  • Select the Downloads folder (or the folder where the file was saved) and choose the downloaded certificate file "HshlRootCa01-R1.crt".
  • The certificate is now installed.

HSHL Root Certificate:
https://pki.hshl.de/certdata/HshlRootCa01-R1.crt

Sectigo Root Certificate:
https://pki.hshl.de/certdata/AAACertificateServices.cer

The same installation process applies to the Sectigo root certificate: AAACertificateServices.cer.

Linux

Note: The steps listed here may vary depending on your Linux distribution.

  • Download the root certificate HshlRootCa01-R1.crt by clicking the link provided above.
  • Open a terminal window.
  • Navigate to the location of the CRT certificate using the cd command (for example: navigate to the "Downloads" folder).
  • Copy the CRT certificate to the folder /usr/local/share/ca-certificates/ using the sudo cp command.
  • Update the certificate trust list using the sudo update-ca-certificates command.
  • Open the file manager.
  • Check whether the file HshlRootCa01-R1.crt is now present in the folder /etc/ssl/certs/.

The same installation procedure applies to the Sectigo root certificate: AAACertificateServices.cer.

MacOS

  • Download the HSHL root certificate (HshlRootCa01-R1.cer) to your Downloads folder.
  • Open Finder, then search for Keychain Access using the search bar (usually in the top right corner). Open Keychain Access — you may be prompted to enter your Mac administrator password.
  • On the left-hand side, select "Login" and then add a new certificate.
  • Choose the Downloads folder, select the certificate file HshlRootCa01-R1.cer, and click "Open" to add it.
  • In the certificate list, locate the HshlRootCa01 certificate and double-click it.
  • To mark the certificate as trusted, open the "Trust" section and set the option "When using this certificate" to "Always Trust".
  • Confirm the changes by closing the window. You may be asked to enter your Mac administrator password again — do so to apply the changes.
  • Once confirmed, the certificate will be marked as "Trusted".

The same installation process applies to the Sectigo root certificate: AAACertificateServices.cer.

iOS/iPad OS

HSHL Root Certificate:
https://pki.hshl.de/certdata/HshlRootCa01-R1.crt

Sectigo Root Certificate:
https://pki.hshl.de/certdata/AAACertificateServices.cer

  • Open the Camera app on your iPhone or iPad and scan the QR code for the certificate you wish to install. Then tap the link that appears.
  • When the message appears saying, "This website is trying to download a configuration profile. Do you want to allow this?", tap "Allow".
  • Open the Settings app (gear icon) and tap on "Profile Downloaded".
  • You will now see the certificate (e.g. HshlRootCa01). Tap "Install" to begin the installation process.
  • Confirm the installation by entering your device's screen passcode, or by using Touch ID / Face ID.
  • Tap "Install" again to finalize the process. The certificate is now installed.

The same installation process applies to the Sectigo root certificate: AAACertificateServices.cer.

Root Certificates

HSHL Root Certificate:
https://pki.hshl.de/certdata/HshlRootCa01-R1.crt (for Windows, MacOS, Linux, Android, iOS/iPad OS)

Sectigo Root Certificate:
https://pki.hshl.de/certdata/AAACertificateServices.cer

QR Codes Root Certificates

Top