You may be using a Web browser that does not support standards for accessibility and user interaction. Find out why you should upgrade your browser for a better experience of this and other standards-based sites...

Dartmouth Home  Search  Index

Dartmouth HomeSearchIndex

 Dartmouth home page
Computing at Dartmouth
 

Home | Resources | Services | Support | About
Computing > Support >  Library >  Connect On-Campus >  Mac >   

Configuring Your Macintosh Computer to Use the Dartmouth Secure Wireless Network or Other Dartmouth Wireless Networks

Dartmouth has three wireless networks that provide connectivity to the Internet, with only two of these providing direct access to Dartmouth network-based resources. If you are unsure which network to choose, see Which SSID Should I Use?

Dartmouth Public: In order to connect to the Dartmouth Public network, just select it from the list of available networks.

Dartmouth Library Public: In order to connect to the Dartmouth Library Public network, just select it from the list of available networks.

Dartmouth Secure: In order to connect to the Dartmouth Secure network, the steps you need to follow vary depending on the version of the Macintosh Operating System on your computer. To check the version of the operating system, go to the Apple menu in the upper left-hand corner of your screen and click About this Mac. The screen that appears will list a version number similar to 10.4.11 or 10.5.8. Use this number to determine which method of configuring your computer for Dartmouth Secure you should follow.

Automated Script (Mac OS X 10.5.x)

Note: If your Macintosh has Mac OS X 10.5.0 to 10.5.7 you must upgrade it to 10.5.8 or later. Earlier versions of Mac OS X 10.5 had an intermittent issue connecting to Dartmouth Secure that was corrected with Mac OS X 10.5.8.

  1. Download the Dartmouth Secure Wizard to your desktop, then double-click the downloaded file.
  2. Answer the questions as they appear.
  3. After clicking "Finish" in the Wizard, restart your computer.
  4. On the Menu bar, click the Airport icon and select Dartmouth Secure.

Step-by-step Instructions (Mac OS X 10.5.x)

Note: If your Macintosh has Mac OS X 10.5.0 to 10.5.7 you must upgrade it to 10.5.8 or later. Earlier versions of Mac OS X 10.5 had an intermittent issue  connecting to Dartmouth Secure that was corrected with Mac OS X 10.5.8.

  1. Open the Safari Web browser and go to https://collegeca.dartmouth.edu/DownloadCerts.jsp to download the Dartmouth Root Certificate.
  2. In the Navigation column on the left of the window, click Root Certificates.
  3. Click on the first link, Dartmouth CertAuth1 CA (Dartmouth Root CA). Do NOT click on the Install Root button.
  4. A Downloads window will appear with an entry called DartmouthCA.cer. Double-click on the paper icon to the left of the text.
  5. The Keychain Access program will open and prompt you for a location to store the Root Certificate. Select System from the drop-down menu and click OK.
  6. You may receive several prompts for your computer password during this process. You may also receive a prompt about trust settings for the Root Certificate. Select Always Trust.
  7. Within the Keychain Access program (the icon on the Dock looks like a set of keys), go to the System keychain. If you do not see this listed, click on the arrow button in the lower-left corner of the Keychain Access window.
  8. Once you click System, you should see a certificate on the right that says Dartmouth CertAuth1. Double-click on it and click on the arrow by Trust. At the top of the list, you will see an entry for When Using This Certificate. Select Always Trust from the drop-down menu.
  9. Now you must install your Private Certificate. This is an encrypted form of your DND name and password. To install it, go to https://collegeca.dartmouth.edu/ and enter your DND name and password. Select 1024 (Medium Grade) for the key size, click Submit, then Install the certificate.
  10. In the Downloads window, you will see another certificate, Cert2Install.der. Double-click on the paper icon to the left of the text.
  11. Select Login from the Keychain drop-down menu and click OK
  12. Go to the login keychain and find the certificate with your name and double-click on it. Click the arrow by Trust. At the top of the list, you will see an entry for When Using This Certificate. Select Always Trust from the drop-down menu. Your personal certificate is now installed. Quit the KeyChain Access application and delete the DartmouthCA.cer and Cert2Install.der files.
  13. Next, click the Airport icon found in the menu bar and select Open Network Preferences.
  14. Turn Airport off, then click the Advanced button.
  15. On the Airport tab, drag Dartmouth Secure to the top of the Preferred Networks list.
  16. Click Apply, then click Advanced.
  17. Select the 802.1x tab.
  18. Change Domain to User. (Note: If you cannot change to the Domain to User, go to the Preferred Networks and delete Dartmouth Secure, then go back to the 802.1x tab and change the Domain to User.)
  19. Leave the User Name and the Password field blank.
  20. Select Dartmouth Secure as the Wireless network.
  21. Under Authentication, select TLS by checking the box next to the TLS entry. All other boxes should not be checked.
  22. Highlight TLS, then click Configure.
  23. The DartmouthCertAuth 1 should display; highlight your personal certificate, then click Choose.
  24. Click OK, then click Apply.
  25. Turn the Airport back on and connect to Dartmouth Secure.
  26. The following message is displayed: eapolclient wants to sign using key "Key from collegeca.dartmouth.edu" in your keychain - do you want to allow?. Click Always Allow. (Note: If this does not appear, go to your Login keychain and double-click the private key associated with your Dartmouth certificate. Select the Access Control tab and ensure that eapolclient is one of the applications that is allowed to access your private key.)

Automated Script (Mac OS X 10.4 or Earlier)

  1. Install the Dartmouth Root Certificate on your computer. (Click Dartmouth CertAuth 1 CA.)
  2. Install a private certificate on your computer or get an eToken that has your private certificate on it. Note: If you are using an eToken, make sure the Aladdin eToken Runtime Environment has been installed and the eToken is inserted in a USB port on your computer before proceeding.
  3. Download the Dartmouth Secure.internetconnect profile to your desktop, then double-click the downloaded file.
  4. On the Menu bar, click the Airport icon and select Dartmouth Secure.

Step-by-step Instructions (Mac OS X 10.4)

Note: You MUST use Safari for this configuration process.

  1. Open the Safari Web browser and go to https://collegeca.dartmouth.edu/DownloadCerts.jsp to download the Dartmouth Root Certificate.
  2. Click the first link, Dartmouth CertAuth1 CA (Dartmouth Root CA).
  3. A Downloads window will appear with an entry called DartmouthCA.cer. Double-click on the paper icon to the left of the text.
  4. The Keychain Access program will open and prompt you for a location to store the Root Certificate. Select X509Anchors from the drop-down menu, then click OK.
  5. You may receive several prompts for your computer password during this process. You may also receive a prompt about trust settings for the Root Certificate. Select Always Trust.
  6. Within the Keychain Access program (the icon on the Dock looks like a set of keys), go to the X509Anchors keychain. If you do not see this listed, click on the arrow button in the lower-left corner of the Keychain Access window.
  7. Once you click on System, you should see a certificate on the right that says Dartmouth CertAuth1. Double-click on it, then click on the arrow by Trust. At the top of the list, you will see an entry for When Using This Certificate. Select Always Trust from the drop-down menu.
  8. Now you must install your Private Certificate or get an eToken that has your private certificate on it. This is an encrypted form of your DND name and password. If you do  not have an eToken, to install a certificate on your hard drive, go to https://collegeca.dartmouth.edu/SimpleRequest.jsp and enter your DND name and password. Select 1024 for the key size, click Submit, then Install the certificate.
  9. In the Downloads window, you will see another certificate, Cert2Install.der. Double-click on the paper icon to the left of the text.
  10. Install this certificate into the login keychain.
  11. Go to the login keychain and find the certificate with your name and double-click on it. Click on the arrow by Trust. At the top of the list, you will see an entry for When Using This Certificate. Select Always Trust from the drop-down menu.
  12. Note: If you are using an eToken, make sure the Aladdin eToken Runtime Environment has been installed and the eToken is inserted in a USB port on your computer before proceeding.
  13. With the Finder as the active application, click Go, then Applications, then double-click Internet Connect.
  14. From the Menu bar, click File, then New 802.1x Connection.
  15. In the Configuration box, select Edit Configurations.
  16. In the Description field, enter Dartmouth Secure.
  17. Leave the User Name field blank.
  18. Leave the Password field blank.
  19. In the Wireless Network field, select Dartmouth Secure as the wireless network.
  20. In the Authentication field, make sure TLS is checked and that all other items listed are not checked.
  21. Click TLS to highlight it, then click the Configure button and select your personal certificate, then click OK.
  22. Click Connect to exit the 802.1x configuration window. If prompted to Unlock your keychain, enter your eToken password.
  23. A Verify Certificate window will appear. Click Show Certificate, then put a checkmark in the Always trust these certificates box. Click Continue.
  24. The system will now try and connect to Dartmouth Secure. Select Always Allow if prompted for permission.
  25. If you receive a trust warning regarding the Server certificate, click OK.
  26. If successful, the status should say Connected via TLS.

For more information related to this topic, see:

10/16/08

Last Updated: 9/9/09