You may be using a Web browser that does not support standards for accessibility and user interaction. Find out why you should upgrade your browser for a better experience of this and other standards-based sites...

Dartmouth Home  Search  Index

Dartmouth Home | Search | Index

 Dartmouth home page
Computing at Dartmouth
 

Home | Resources | Services | Support | About
Computing > Support >  Library >  Safe Computing > Defenses > Authentication > PKI > Certificates >  

Safari 2.0 and Later

New versions of the Safari Web browser provided with Mac OS 10.3.3 and later include support for client certificates. The Keychain application stores the digital certificates. (The default location of the Keychain Access program is in the Applications/Utilities folder.)

Getting a Digital Certificate

To get a digital certificate, follow the instructions provided below:

  1. Consider what you will be using for a password; see Selecting a Password for tips.
  2. Click on the following link: https://collegeca.dartmouth.edu/index.jsp. A new browser window will open. If the new browser window covers the previous window, move it to the right so you can see these instructions.
  3. On the Dartmouth CAPSO v.1.0 Certificate Authority & PKI Solution Web page, click on Request a Personal Cert under Certificate Requests.
  4. At the Dartmouth Web Authentication Web page, enter your full name as it appears in the Dartmouth Name Directory (DND) [e.g., Susan Q. Jones] and your DND (BlitzMail) password, then press the LOGIN button.
  5. When the Certificate Contents Web page appears, verify that the fields contain the following entries:
    • Common name - Enter your full name as it appears in the DND (e.g., Susan Q. Jones).
    • Email - Enter your Dartmouth e-mail address (e.g., susan.q.jones@dartmouth.edu).
    • Keysize - Change the setting to 1024 (Medium Grade).
    • Certificate Type - Select Software Certificate.
  6. Click the Submit button.
  7. When the Confirmation Data Web page appears, verify the data, then press Install Certificate.
  8. The Web browser will ask if you want to retrieve the certificate. Click OK.
  9. In the download window that appears, take note of the certificate file's name (e.g., Cert2Install.der) location, then close the download window.
  10. You now need to install the certificate to your computer's Keychain Access application:
    1. Use the Finder to locate the Keychain Access icon in the Applications/Utilities folder.
    2. Drag and drop the certificate file into the Keychain Access icon.
    3. The Keychain Access application opens and you are prompted to add the certificates from the file to a Keychain. Select the Login keychain. Click OK.
    4. A list of all your Keychain items appears. You can verify your new certificate by selecting My Certificates. Your certificates will appear and the recent addition will have a date two years from today.
  11. Keychain Access now contains your certificate, public key, and private key. Quit the Keychain Access application.

Get the Dartmouth College Root Certificate

  1. Return to the Dartmouth CAPSO v.1.0 Certificate Authority & PKI Solution Web page and click on the Root Certificates link under Download.
  2. When the Download Certificates Web page appears, click on the Dartmouth CertAuth1 CA (Dartmouth Root CA) link.
  3. The certificate file DartmouthCA.cer will download to your Macintosh.
  4. Drag and drop the certificate file onto the Keychain Access icon in the Applications/Utilities folder.
  5. The Keychain Access application opens and you are prompted to add the certificates from the file to a Keychain.
    1. For Mac OS X 10.4 and earlier, select the X.509 Anchors keychain. Click OK.
    2. For Mac OS X 10.5, select the System keychain. Click OK.
  6. Keychain Access will now contain the Dartmouth College Root certificate. Quit the Keychain Access application.

Verifying a Certificate

To check a certificate:

  1. Open the Keychain Access application.
  2. In the Category column, click Certificate.
  3. A list of certificates currently installed on your Macintosh appears. You can double-click on any of them for their details.

Importing or Exporting a Certificate

On Mac OS, the Keychain Access program is used to store private keys and certificates.

Importing a Certificate

  1. Open the Keychain Access application in the Application/Utilities folder.
  2. Select Import from the File menu and browse for the certificate you wish to import. Click Open.
  3. Enter the password you supplied for the P12 file when you created it.

You can also drag and drop the certificate file onto the Keychain Access icon.

Exporting a Certificate

  1. Open the Keychain Access application in the Application/Utilities folder.
  2. Highlight the certificate you wish to export by clicking on it.
  3. Select Export from the File menu and browse for the certificate you wish to import. Click Open.
  4. Choose a location for the exported file, then click Save.
  5. Enter a password to secure the certificate file, then click OK.

03/14/08

 

 

Last Updated: 3/14/08