...
You need select for which institution you desire a RADIUS/TLS certificate, and to upload a CSR. The interface provides an openssl command-line with which you can generate a compatible CSR.
The CA will issue certificates only with information that is vetted, i.e. confirmed correct as per the eduroam database. In particular,
- the hostname(s) given in the CSRs CN and/or subjectAltName extensions areignored
- the Organisation field (O) will be ignored and replaced by either "NRO of <country>", or by the name of the IdP/SP as given in the eduroam database.
The certificate will always contain the RADIUS/TLS server names that are listed in the eduroam database, all in one certificate.
It takes at least 2 minutes before the request is processed and the certificate is issued. You can download the certificate from the management interface by pushing the corresponding "Display" button.
...