--> --> Updating The Security Certificate For Your Web Browser -->

Updating The Security Certificate For Your Web Browser

While browsing university web sites, you may encounter a situation when accessing a valid web site where you get a warning about the security certificate not being from a trusted certificate source. Different browsers will present this information to you in different wording:

• Firefox:
  "Unable to verify the identity of sitename as a trusted site."
• Internet Explorer:
  "The security certificate was issued by a company you have not chosen to trust. View the certificate to determine whether you want to trust the certifying authority."
• SeaMonkey:
  "Unable to verify the identity of sitename as a trusted site."
• Safari:
  "The certificate for this website was signed by an unknown certifying authority. You might be connecting to a website that is pretending to be sitename which could put your confidential information at risk."
• Opera:
  "The certificate for sitename is signed by the unknown Certificate Authority "UMD College Park Server Signing v1". It is not possible to verify that this is a valid certificate"

There are three ways to handle this situation. You can choose not to proceed, but won't access the site. You can choose to ignore this message (with or without verifying the certificate details) and click Continue to access the site, or create an exception. If you do decide to do this, make sure you do verify the certificate is a valid one before continuing, else you leave yourself open to malicious tampering from a rogue web site. It is poor security practice to simply click "Ok" or "Yes" without verifying the content of the security certificate.

The recommended way to deal with this is to update your browser's root security certificate. By updating the root security certificate, you should eliminate the warning window. The Office of Information Technology (OIT) strongly recommends adding the university root security certificate to your browser; this will improve the overall security of your computer, allowing you into most of the valid university web sites without the warning.

• Instructions for Internet Explorer (6 & 7)
• Instructions for Firefox (2.x & 3.x) on Windows
• Instructions for SeaMonkey on Windows
• Instructions for Safari on Macintosh
• Instructions for Opera on Macintosh
• Instructions for Firefox (2.x & 3.x) on Macintosh

1. Delete the old security certificate (if any):
   • Launch Internet Explorer
   • Click Tools then Internet Options
   • On the Internet Options window, select the Content tab and click the Certificates button
   • On the Certificates window, click on the Trusted Root Certification Authorities tab; you should see a list of issuing certificate authorities and the corresponding certificates
     - Scroll through the list to search for UMD College Park root
     - If found, click to select it, then click the Remove button
   • Click Yes
   • Click Yes
2. Get new root security certificate:
   • Type in the URL http://cert.umd.edu
   • Click the install the University Root Certificate link
   • Click the Install DER root certificate (for Internet Explorer or Opera browser)
   • Select Open
   • Click Install Certificate
   • Click Next
     
   • In the Certificate Store window, select the Place all certificates in the following store, then click the Browse button
   • Select Trusted Root Certification Authorities
   • Click OK
   • Click Next
   • Click Finish
   • Click Yes to the You are about to install a certificate... window
   • Click OK in the Import successful window
   • Click OK in the Certificate window to finish

1. Delete the old security certificate (if any):
   • Select Tools -> Options -> Advanced -> Encryption -> View Certificates
   • Click Authorities tab
   • Search for University of Maryland -> Root Certificate Authority;
     • If found, click Delete
     • Click OK in the Delete CA Certificates window
2. Get new root security certificate:
   • Go to the URL http://cert.umd.edu
   • Click the install the University Root Certificate link
   • Click the * Install PEM root certificate (for Netscape or Mozilla-based browser)
   • Click ONLY the check box "Trust this CA to identify web sites", not the choices for "Trust this CA to indentify email users" or "Trust this CA to identify software developers"
   • Click OK

1. Delete the old security certificate (if any):
   • Select Edit -> Preferences -> Privacy & Security -> Certificates
   • In the Certificates window, click on Manage Certificates, then click on Authorities
     - Search for University of Maryland -> Root Certificate Authority
   • If found, click Delete
   • Click OK in the Certificate Manager window
2. Get new root security certificate:
   • Go to the URL http://cert.umd.edu
   • Click the install the University Root Certificate link
   • Click the * Install PEM root certificate (for Netscape or Mozilla-based browser)
   • Click ONLY the check box "Trust this CA to identify web sites", not the choices for "Trust this CA to indentify email users" or "Trust this CA to identify software developers"
   • Click OK

1. Get new root security certificate:
   • Go to the URL http://cert.umd.edu
   • Click the install the University Root Certificate link
   • Click "Safari" the Download MacOSX root installer (for Safari browser, if .dmg file does not automount, double click it)
   • Click Continue
   • Double click on the UMD-CA icon
   • Click on Continue three times
   • Click on Install
   • Click OK

1. Delete the old security certificate (if any):
   • Select Tools -> Preferences -> Advanced -> Security
   • Click Manage Certificates button
   • In the Certificate Manager window, click on the Authorities tab
   • Search for University of Maryland -> Root Certificate Authority
   • If found, click Delete
   • Click OK in the Delete CA Certificates window
2. Get new root security certificate:
   • Go to the URL http://cert.umd.edu
   • Click the install the University Root Certificate link
   • Click the Install DER root certificate (for Internet Explorer or Opera browser)
     
   • Click OK

1. Delete the old security certificate (if any):
   • Select Firefox -> Preferences -> Advanced -> Encryption -> View Certificates button
   • In the Certificate Manager window, click on the Authorities tab
   • Search for University of Maryland -> Root Certificate Authority
   • If found, click Delete, then OK in the Delete CA Certificates window
2. Get new root security certificate:
   • Go to the URL http://cert.umd.edu
   • Click the install the University Root Certificate link
   • Click the * Install PEM root certificate (for Netscape or Mozilla-based browser)
   • Click ONLY the check box "Trust this CA to identify web sites", not the choices for "Trust this CA to indentify email users" or "Trust this CA to identify software developers"
   • Click OK