Send Feedback | Dartmouth Home

Ask Us iconAsk Us

Got a question?
We can help.

Off-Campus Access IconOff-Campus Access

How to connect from
off-campus

Digital Library Technologies Group

Contact Information

  • Digital Library Technologies Group
  • Baker-Berry Library
  • Hanover, NH 03755
  • Fax: (603) 646-1043
Home >    Digital Library Technologies Group

Using PKI Certificates

Getting and Using PKI Certificates

This is a guide for library staff to a new authentication method supported by Dartmouth Computing Services and the Dartmouth Library. This document will:

  • explain certificates, PKI and other mysterious jargon
  • help staff configure and test their desktop computers and web browsers so they can access restricted library resources and web services

Definition of terms

PKI
Public Key Infrastructure.
Cert
Commonly used abbreviation for certificate.

When, and why, do I need to know this?

SideCar, the primary authentication mechanism for library resources and restricted-access web pages, does not work on newer Macintosh computers. SideCar, which was developed by Cornell University, has not been updated in more than a year and will not be upgraded to work with newer Macintoshes.

Over the last two years, Computing Services has been promoting the use of newer authentication methods using PKI certificates through their Campus Security Initiative. PKI certificates can be used on a variety of different computers including the new Macintoshes.

Some library resources are already able to take advantage of certificates, but with the shrinking use of SideCar the conversion of all resources to use new methods is needed. We will not eliminate support of SideCar. It will become the fall-back option if a PKI certificate is not available.

Please note that MANY commercial resources licensed by the library use IP authentication for access. This is not changing.

What's a certificate and where does it live?

Certificates are special files stored by your Web browser, application, or operating system. A certificate and its private key allows you to access resources on the Dartmouth network. More information is available from Computing Services: About certificates.

Getting and using a personal certificate

To gain access to a service that uses PKI authentication you must first install a personal certificate on your computer. See Using PKI Secure Certificates at Dartmouth for instructions for getting and installing a personal certificate for your workstation.

Getting and using a Dartmouth certificate

To use your PKI personal certificate, you will also need to install the Dartmouth root certificate in your Web browser's certificate store. This root certificate helps your computer determine if Dartmouth's issued certificates are trustworthy. Follow the directions provided for your browser on the Web page Import the Dartmouth Certificate Authority Root Certificate to download the certificate and set it to be trusted.

Last Updated: 9/30/08