In order to ensure the security of email communication based on PGP and X.509 keys, the Schaeffler Group has established a certification infrastructure (Public Key Infrastructure PKI).
The two processes (PGP and X.509) are distinguished by the way in which the accuracy and authenticity of a public key are certified.
Within PGP, users form what is called a "web of trust" which allows known, trustworthy third parties to confirm that a public key is valid.
Please contact your Schaeffler contact to requested the public PGP or X.509 key to secure your email communication.
Root certificates and revocation lists
X.509 is a system with a exactly defined structure and specifies that public keys must be confirmed by a centralized authority. Organizations like the Schaeffler Group can operate in-house certification authorities (CA) to verify their own employees. To be able to validate , Schaeffler Group’s users please download our root certificates. In addition, you can access the Schaeffler Group’s certificate revocation lists (CRL's) to see which of our X.509 keys have expired and are no longer valid.
|Schaeffler Group Root CA|
|Schaeffler Group Primary CA|
|Schaeffler Group CA|
|INA Group CA|
SMTP – TLS (Transportverschlüsselung)
If all email communication between your company and the Schaeffler Group is required, SMTP – TLS can be used.
We support „opportunistic“ and „secure high-ciphers mandatory“ mode. For this official X.509 certificates are required and cryptographic methods which are considered secure by BSI and NIST are used.
Please tell us your responsible IT contact person to discuss and arrange the necessary settings.