You may be using a Web browser that does not support standards for accessibility and user interaction. Find out why you should upgrade your browser for a better experience of this and other standards-based sites...

Dartmouth Home  Search  Index

Dartmouth Home | Search | Index

 Dartmouth home page
Computing at Dartmouth
 

Home | Resources | Services | Support | About
Computing > Support >  Library >  Connect On-Campus >  Mac >   

Configuring Your Macintosh Computer to Use the Dartmouth Secure Wireless Network or Other Dartmouth Wireless Networks

Dartmouth has three wireless networks that provide connectivity to the Internet, with only two of these providing direct access to Dartmouth network-based resources. If you are unsure which network to choose, see Which SSID Should I Use?

Dartmouth Public: In order to connect to the Dartmouth Public network, just select it from the list of available networks.

Dartmouth Library Public: In order to connect to the Dartmouth Library Public network, just select it from the list of available networks.

Dartmouth Secure: In order to connect to the Dartmouth Secure network, there are several steps you need to follow. These steps vary depending on the version of the Macintosh Operating System on your computer. To check the version of the operating system, go to the Apple menu in the upper left-hand corner of your screen and click About this Mac. The screen that appears will list a version number similar to 10.4.11 or 10.5.2. Use this number to determine which method of configuring your computer for Dartmouth Secure you should follow. Do not try to run the automated script on Mac OS X 10.5.

Note: You MUST use Safari for this configuration process.

Automated Script (Mac OS X 10.4 or Earlier)

  1. Install the Dartmouth Root Certificate on your computer. (Click Dartmouth CertAuth 1 CA.)
  2. Install a private certificate on your computer or get an eToken that has your private certificate on it. Note: If you are using an eToken, make sure the Aladdin eToken Runtime Environment has been installed and the eToken is inserted in a USB port on your computer before proceeding.
  3. Download the Dartmouth Secure.internetconnect profile to your desktop, then double-click the downloaded file.
  4. On the Menu bar, click the Airport icon and select Dartmouth Secure.

Step-by-step Instructions (Mac OS X 10.4)

  1. Open the Safari Web browser and go to https://collegeca.dartmouth.edu/DownloadCerts.jsp to download the Dartmouth Root Certificate.
  2. Click the first link, Dartmouth CertAuth1 CA (Dartmouth Root CA).
  3. A Downloads window will appear with an entry called DartmouthCA.cer. Double-click on the paper icon to the left of the text.
  4. The Keychain Access program will open and prompt you for a location to store the Root Certificate. Select X509Anchors from the drop-down menu, then click OK.
  5. You may receive several prompts for your computer password during this process. You may also receive a prompt about trust settings for the Root Certificate. Select Always Trust.
  6. Within the Keychain Access program (the icon on the Dock looks like a set of keys), go to the X509Anchors keychain. If you do not see this listed, click on the arrow button in the lower-left corner of the Keychain Access window.
  7. Once you click on System, you should see a certificate on the right that says Dartmouth CertAuth1. Double-click on it, then click on the arrow by Trust. At the top of the list, you will see an entry for When Using This Certificate. Select Always Trust from the drop-down menu.
  8. Now you must install your Private Certificate or get an eToken that has your private certificate on it. This is an encrypted form of your DND name and password. If you do  not have an eToken, to install a certificate on your hard drive, go to https://collegeca.dartmouth.edu/SimpleRequest.jsp and enter your DND name and password. Select 1024 for the key size, click Submit, then Install the certificate.
  9. In the Downloads window, you will see another certificate, Cert2Install.der. Double-click on the paper icon to the left of the text.
  10. Install this certificate into the login keychain.
  11. Go to the login keychain and find the certificate with your name and double-click on it. Click on the arrow by Trust. At the top of the list, you will see an entry for When Using This Certificate. Select Always Trust from the drop-down menu.
  12. Note: If you are using an eToken, make sure the Aladdin eToken Runtime Environment has been installed and the eToken is inserted in a USB port on your computer before proceeding.
  13. With the Finder as the active application, click Go, then Applications, then double-click Internet Connect.
  14. From the Menu bar, click File, then New 802.1x Connection.
  15. In the Configuration box, select Edit Configurations.
  16. In the Description field, enter Dartmouth Secure.
  17. In the User Name field, enter your DND (BlitzMail) name (e.g., John A. Doe).
  18. Leave the Password field blank.
  19. In the Wireless Network field, select Dartmouth Secure as the wireless network.
  20. In the Authentication field, make sure TLS is checked and that all other items listed are not checked.
  21. Click TLS to highlight it, then click the Configure button and select your personal certificate, then click OK.
  22. Click Connect to exit the 802.1x configuration window. If prompted to Unlock your keychain, enter your eToken password.
  23. A Verify Certificate window will appear. Click Show Certificate, then put a checkmark in the Always trust these certificates box. Click Continue.
  24. The system will now try and connect to Dartmouth Secure. Select Always Allow if prompted for permission.
  25. If you receive a trust warning regarding the Server certificate, click OK.
  26. If successful, the status should say Connected via TLS.

You can now connect to Dartmouth Secure as your default wireless network whenever you are on campus. It is important to note that there is currently an issue with Mac OS X 10.4.11 and higher connecting to Dartmouth Secure immediately upon turning on your computer. When you first turn on your computer (or restart it), in the Menu bar, you will need to select Dartmouth Public from the Airport icon list, then select Dartmouth Secure. This problem does not exist if you are just waking your computer from sleep mode. Apple has been notified of this issue; we will post information as soon as it is resolved.

Step-by-step Instructions (Mac OS X 10.5) 

  1. Open the Safari Web browser and go to https://collegeca.dartmouth.edu/DownloadCerts.jsp to download the Dartmouth Root Certificate.  
  2. Click on the first link, Dartmouth CertAuth1 CA (Dartmouth Root CA).
  3. A Downloads window will appear with an entry called DartmouthCA.cer. Double-click on the paper icon to the left of the text.
  4. The Keychain Access program will open and prompt you for a location to store the Root Certificate. Select System from the drop-down menu and click OK.
  5. You may receive several prompts for your computer password during this process. You may also receive a prompt about trust settings for the Root Certificate. Select Always Trust.
  6. Within the Keychain Access program (the icon on the Dock looks like a set of keys), go to the System keychain. If you do not see this listed, click on the arrow button in the lower-left corner of the Keychain Access window.
  7. Once you click System, you should see a certificate on the right that says Dartmouth CertAuth1. Double-click on it and click on the arrow by Trust. At the top of the list, you will see an entry for When Using This Certificate. Select Always Trust from the drop-down menu.
  8. Now you must install your Private Certificate. This is an encrypted form of your DND name and password. To install it, go to https://collegeca.dartmouth.edu/SimpleRequest.jsp and enter your DND name and password. Select 1024 for the key size, click Submit, then Install the certificate.
  9. In the Downloads window, you will see another certificate, Cert2Install.der. Double-click on the paper icon to the left of the text.
  10. Install this certificate into the login keychain.
  11. Go to the login keychain and find the certificate with your name and double-click on it. Click the arrow by Trust. At the top of the list, you will see an entry for When Using This Certificate. Select Always Trust from the drop-down menu.
  12. Click on the Airport icon and select Open Network Preferences.
  13. Turn Airport off, then click the Advanced button.
  14. On the Airport tab, drag Dartmouth Secure to the top of the Preferred Networks list.
  15. Click Apply, then click Advanced.
  16. Select the 802.1x tab.
  17. Change Domain to User. (Note: If you cannot change to the Domain to User, go to the Preferred Networks and delete Dartmouth Secure, then go back to the 802.1x tab and change the Domain to User.)
  18. Under Configuration, add Dartmouth Secure (click the + sign if it doesn't exist).
  19. Enter your name in the User Name field; leave the Password field blank. The User name entered must be exactly the same as your Common Name attribute in the Subject Name of your Dartmouth certificate, including periods, spaces, and middle initials.
  20. Select Dartmouth Secure as the Wireless network.
  21. Under Authentication, select TLS by checking the box next to the TLS entry. All other boxes should not be checked.
  22. Highlight TLS, then click Configure.
  23. The DartmouthCertAuth 1 should display; highlight your personal certificate, then click Choose.
  24. Click OK, then click Apply.
  25. Turn the Airport back on and connect to Dartmouth Secure.
  26. The following message is displayed: eapolclient wants to sign using key "Key from collegeca.dartmouth.edu" in your keychain - do you want to allow?. Click Always Allow. (Note: If this does not appear, go to your Login keychain and double-click the private key associated with your Dartmouth certificate. Select the Access Control tab and ensure that eapolclient is one of the applications that is allowed to access your private key.)

You can now connect to Dartmouth Secure as your default wireless network whenever you are on campus. It is important to note that there is currently an issue with Mac OS X 10.4.11 and higher connecting to Dartmouth Secure immediately upon turning on your computer. When you first turn on your computer (or restart it), in the Menu bar, you will need to select Dartmouth Public from the Airport icon list, then select Dartmouth Secure. This problem does not exist if you are just waking your computer from sleep mode. Apple has been notified of this issue; we will post information as soon as it is resolved.

For more information related to this topic, see:

03/17/08

 

 

Last Updated: 3/18/08