Workaround for installing CSAIL Certificates in Internet Explorer

The below applies to Windows Vista, Windows 7, and similar/later versions (eg Server 2008). (Using Windows XP? Obtain CSAIL Certificates directly.) Instructions were written using Internet Explorer 7, but apply with very minor differences to IE 8.

Completing the below steps allows you to:

• use CSAIL secure websites and web applications in Internet Explorer
• use CSAIL secure websites and web applications in Google Chrome
• connect to the CSAILPrivate wireless network

First, you will install the CSAIL Master CA certificate -- the cornerstone of the CSAIL certificate system, also known as the "authority certificate" -- in your browser.

1. Within Internet Explorer, click the download link ca.csail.mit.edu/cacert/master.cer. This will pop up a security warning alert box, where you can safely click "Open:"
   
2. Click "Allow" to permit "Crypto Shell Extensions" to start the import process:
   
3. Click "Install Certificate...", then "Next."
   
4. Click "Place all certificates in the following store", then "Browse..."
   
   • Select Trusted Root Certification Authorities, then Click "OK," "Next," and "Finish."
5. You will be given a final opportunity to verify the validity of the certificate before installing it. Compare the thumbprint on your screen to that below, then click "Yes."
   

Next, you will use Firefox to obtain and export your CSAIL client certificate.

1. Install Firefox and use it to obtain a client certificate, following instructions at CertificatesFirefox.
2. In Firefox, open Tools -> Options -> Advanced -> Encryption -> View Certificates -> Your Certificates, select your CSAIL client certificate. (If you see more than one, it will be the one underneath "MIT Computer Science and Artificial Intelligence Laboratory" that has an "Expires On" date in the future.) Click "Backup", following the prompts to export your certificate with a password.
3. This will create a file containing your certificate that you can import into the Windows certificate services where IE will be able to use it.

Finally, in Internet Explorer, go Tools -> Internet Options -> Content -> Certificates -> Import, and choose the file you just created. You may need to change the file type filter from "X.509" to "Personal Information Exchange (*.p12)"; otherwise, follow the prompts.

Topic CertificatesIEWorkaround . { Edit Attach Backlinks: Web All webs Printable History: r9 < r8 < r7 < r6 < r5 More }