Yes, it serves the proof of the identity.

Yes, if several people work with the same computer, everybody needs his own certificate.

Yes, it is possible to install the same certificate on different computers.

Yes, under: https://portal.dimdi.de/ruben/faces/CheckCertificatePage.xhtml (pure upload test) one can test the certificate.

In the instruction (Manual for the certificate) some certification authorities which issue digital X. 509 user's certificates are listed. The list exclusively serves the purpose to give some examples and is not to be understood as a reference or recommendation for the purchase of the products of the called en-terprises. Not everybody of the exhibitors listed there can issue the required certificate for the client authentication.

So-called resellers (e.g. https://icertificate.eu) offer certificates of different manufacturers. The issued certificates differ not in quality, but in the surrounding features (e.g. quickness of the exhibition, price, support etc.).

Due to legal reason we are not allowed to give any recommendation.

These additions can be added to a certificate. Originally certificates were only used to sign something, e. g., E-Mail or a document. If one likes to use it as "an identity card" for access control, a suitable entry must be in the addition. In the additions there are many different possibilities which can be used to create the certificate. We need this "client Authentication", so that the certificate proves the identity of the user.

No, only via the issuers noted in the instruction (Manual for the certificate) called exhibitor. BUT: not all manufacturers listed there offer the right type of certificate.

Restart the browser or delete cookies and logins manually (key combination STRG + SHIFT + DE-LETE)

Probably the user has not yet imported his certificate into the browser.

After opening a highly secured application with the Internet Explorer a window appears for certificate confirmation and afterwards another window "request on approval for use of a key" (perhaps with password input) appears.

This second window appears if while importing a certificate into the IE, the option "activate high secu-rity for the private key" is clicked. With some users this option is apparently a unchangeable preset, by the system administrator. Then the approval request occurs with every SSO-Login and must be given (if necessary by input of a password).

The browser remembers the first decision of the user and afterwards never ask for the user-identifica-tion any more. If one deletes the active logins in the browser, the query appears again. Approach: press key combination STRG + SHIFT + DELETE, select "active logins" (or "temporary Internet files" in the IE) and click on the delete button. Sometimes just a new start of the browser helps.

In the segment "Certificate" click on the button „show”, then a window should open, the option „Open-ing with“ is selected and besides there is a "Search" button. In this case just click "ok" and the certifi-cate is shown with the Certificate-Viewer. If the display does not work, the following will help: click in the Windows-Explorer on a certificate (xyz. der) * right mouse key * opening with * select standard program* choose *Krypto-Shellerweiterungen * then "ok" and the certificate should be opened in Ru-Ben automatically with this program.

If the certificate was not recognizable as a succession certificate, it is saved temporarily. In this case the certificate must be checked by the responsible administrator and be activated.