Both sides previous revision
Previous revision
Next revision
|
Previous revision
Next revision
Both sides next revision
|
computing:certificate [2009/12/30 11:18] lessem |
computing:certificate [2009/12/30 20:41] lessem |
The [[http://en.wikipedia.org/wiki/Certificate_authority|certificate authority]](CA) which issued IBG's website certificate has had their own certificate expire. They have issued a new certificate, but the new certificate is not yet incorporated into many web browsers. Web browsers that do not have the new certificate will show a security warning. To avoid this warning the new CA certificate must be installed in your browser. | The [[http://en.wikipedia.org/wiki/Certificate_authority|certificate authority]](CA) which issued IBG's website certificate has had their own certificate expire. They have issued a new certificate, but the new certificate is not yet incorporated into many web browsers. Web browsers that do not have the new certificate will show a security warning. To avoid this warning the new CA certificate must be installed in your browser. |
| |
Detailed instructions for updating the certificate will be provided soon. | |
| |
===== Certificate Installation Instructions ===== | ===== Certificate Installation Instructions ===== |
| |
Or, [[http://certs.ipsca.com/store/ipsCAGlobal.crt|click here to install the certificate directly from their page]]. | Or, [[http://certs.ipsca.com/store/ipsCAGlobal.crt|click here to install the certificate directly from their page]]. |
| |
| That will bring up a dialog box. Check the box for ''Trust this CA to identify web sites'' and then click ''OK''. |
| |
| {{ :computing:firefox-authorize.png |check the box for "Trust this CA to identify web sites."}} |
| |
==== Thunderbird ==== | ==== Thunderbird ==== |
| |
Windows 7 and Windows Vista normally will [[http://technet.microsoft.com/en-us/library/cc749331%28WS.10%29.aspx|automatically download updated certificates]] with no necessary user interaction. | Windows 7 and Windows Vista normally will [[http://technet.microsoft.com/en-us/library/cc749331%28WS.10%29.aspx|automatically download updated certificates]] with no necessary user interaction. |
| |
| ==== Mac OS X and applications (Safari and Mail.app) ==== |
| |
| To add the CAcert Root Certificate to Apple Safari, use the Keychain Access application which is shipped with Mac OS X. |
| |
| To install the certificate system-wide, you need to follow these steps: |
| |
| - Download the [[http://certs.ipsca.com/store/ipsCAGlobal.crt|updated certificate]] and save it someplace convenient. |
| - Double click on the ''ipsCAGlobal.crt'' file. The Keychain Access application will be launched |
| - Select ''System'' from the ''Keychain'' dropdownlist and press ''OK''. |
| - You will be asked to authenticate yourself. |
| - Click ''Always Trust'' |
| - You will then have to authenticate yourself again. |
| |
| ==== Google Chrome ==== |
| |
| Google Chrome uses the native operating system to handle certificates. Follow the instructions to make sure that [[:computing:certificate#microsoft_products_internet_explorer_outlook_etc|Microsoft Windows]] or [[:computing:certificate#mac_os_x_and_applications_safari_and_mail.app|Mac OS X]] has the new certificate. However, in the version of Google Chrome release version available as of this writing (3.0.195.38) there is a bug which requires clearing the cache to properly validate the new certificate if the website was visited while the old certificate was in place. |
| |
| If you visit the [[https://ibg.colorado.edu|IBG secure website]] and there are no errors or warnings, then nothing else needs to be done. |
| |
| If after updating your operating system the Chrome address bar shows a red ''https:'' with a line through it, then follow these steps to force Chrome to reload the certificate. |
| - Click the wrench in the top right corner |
| - Click ''Clear browser data'' |
| - Make sure **only** ''Empty the cache'' is selected |
| - Change the ''Clear data from this period:'' to ''Everything'' |
| - Click ''Clear browsing data'' |
| - Click the wrench again |
| - Select ''Options'' |
| - Select the ''Under the hood'' tab |
| - Scroll to the bottom and un-check the ''Check for server certificate revocation'' box |
| - Click ''Close'' |
| - Exit Chrome |
| - Launch Chrome |
| - Click the wrench again |
| - Select ''Options'' |
| - Select the ''Under the hood'' tab |
| - Scroll to the bottom and re-check the ''Check for server certificate revocation'' box |
| - Click ''Close'' |
| |