AddingUMIACSCertificateAuthority: Difference between revisions

From UMIACS
Jump to navigation Jump to search
No edit summary
Line 1: Line 1:
===Introduction===
===Introduction===


When you visit webpages encrypted with SSL, you may be presented with a warning about the site's security certificate not being trusted. These are normally important screens to pay attention to on the internet as a whole. However, UMIACS goes to great lengths to maintain a secure environment for our users. We provide a UMIACS CA (certificate authority) that enables your web browser to trust our secure webpages. The following steps explain how to import this certificate based on your preferred web browser.
When you visit webpages encrypted with SSL, you may be presented with a warning about the site's security certificate not being trusted. These are normally important screens to pay attention to on the internet as a whole and UMIACS goes to great lengths to maintain a secure environment for our users. However, it is not cost effective to provide commercial certs for all our public facing certificates.  In order to keep costs down we provide a UMIACS CA (certificate authority) that enables your web browser to trust our secure webpages. The following steps explain how to import this certificate based on your preferred web browser.


===Mozilla Firefox (cross-platform)===
===Mozilla Firefox (cross-platform)===
Line 8: Line 8:


* Visit http://intranet.umiacs.umd.edu
* Visit http://intranet.umiacs.umd.edu
* Scroll to the bottom and click "UMIACS CA Root Certificate (CRT - Most Browsers)". <br />[[Image:UMIACSCA_IE_1.png]]<br />Firefox should open a "Downloading Certificate" dialog box automatically. It may look slightly different depending on your operating system:<br />[[Image:UMIACSCA_Firefox_1.png|458px]]
* Scroll to the bottom and click "UMIACS CA Root Certificate (CRT - Most Browsers)". <br />[[Image:UMIACSCA_IE_1.png]]<br />Firefox should open a "Downloading Certificate" dialog box automatically. It may look slightly different depending on your operating system or version of Firefox:<br />[[Image:UMIACSCA_Firefox_1.png|458px]]
* Check all three boxes indicating that you fully trust this certificate authority
* Check all three boxes indicating that you fully trust this certificate authority
* Click ok.
* Click ok.

Revision as of 17:37, 5 August 2010

Introduction

When you visit webpages encrypted with SSL, you may be presented with a warning about the site's security certificate not being trusted. These are normally important screens to pay attention to on the internet as a whole and UMIACS goes to great lengths to maintain a secure environment for our users. However, it is not cost effective to provide commercial certs for all our public facing certificates. In order to keep costs down we provide a UMIACS CA (certificate authority) that enables your web browser to trust our secure webpages. The following steps explain how to import this certificate based on your preferred web browser.

Mozilla Firefox (cross-platform)

Mozilla Firefox contains its own method of managing certificate authorities independent of your operating system. These are the steps required if you are using Firefox:

  • Visit http://intranet.umiacs.umd.edu
  • Scroll to the bottom and click "UMIACS CA Root Certificate (CRT - Most Browsers)".
    UMIACSCA IE 1.png
    Firefox should open a "Downloading Certificate" dialog box automatically. It may look slightly different depending on your operating system or version of Firefox:
    UMIACSCA Firefox 1.png
  • Check all three boxes indicating that you fully trust this certificate authority
  • Click ok.
  • You may need to restart your browser for the change to take effect.

Internet Explorer and Google Chrome (Windows)

For most Windows browsers (excluding Firefox), certificate authorities are handled by Windows itself. These are the steps required to accept the certificate:

  • Visit http://intranet.umiacs.umd.edu
  • Scroll to the bottom and click "UMIACS CA Root Certificate (CRT - Most Browsers)". Download and open this file
    UMIACSCA IE 1.png
  • Click "Install Certificate..." towards the bottom of the dialog box
    UMIACSCA IE 2.png
  • Click Next
  • Choose "Place all certificates in the following store"
  • Choose "Trusted Root Certification Authorities" and click ok
    UMIACSCA IE 3.png
  • Click next and then finished. You should receive a success message similar to the following:
    UMIACSCA IE 4.png
  • You may need to restart your browser for the change to take effect.

Safari and Google Chrome (Mac OSX)

For most OSX browsers (excluding Firefox), certificate authorities are handled by OSX itself. This process requires administrator access. If you do not have administrator access and you are using a UMIACS-supported Mac, please contact Staff. Otherwise, here are the steps required to accept the certificate:

  • Visit http://intranet.umiacs.umd.edu
  • Scroll to the bottom and click "UMIACS CA Root Certificate (CRT - Most Browsers)". Download and open this file by double-clicking it
    UMIACSCA IE 1.png
  • Select ok to add the certificate to your keychain:
    File:OSX 1.png
  • The previous step will add the certificate for your own account, but it will not be trusted by OSX itself. If you have administrative access on your Mac, choose Always Trust:
    File:OSX 2.png
  • Enter the administrator credentials to add this certificate for all users of the system:
    File:OSX 3.png
  • Close the keychain access window.
  • You may need to restart your browser for the change to take effect.

Other Browsers (Unix)

If you are using a browser other than Firefox in Unix, the process is more complicated than the above methods and may depend on your particular Unix distribution. If you need assistance with this please contact UMIACS Staff.