Installing the School's Site Certificate

Many of the School's services use SSL to encrypt the network traffic between your machine and the server. Examples include accessing webmail and the School calendar or reading e-mail with encrypted IMAP or POP connections. However, our servers use self-signed SSL certificates which Mac OS X does not fully trust. Consequently, whenever an application attempts to establish a SSL connection with one of the School's servers, a warning message is displayed and the user is prompted to confirm whether the connection should be continued. This problem can be overcome by installing the School's root certificate on your machine which instructs Mac OS X to trust all SSL connections made to the School's servers.

Installing the School's Root Certificate

Downloading the Certificate

The certificate can be downloaded from here.

  • Hold the Ctrl key and click the link
  • Select Save Linked File As... from the pop-up menu
  • Save the file to a suitable location and select Don't Append when prompted to specify whether to append the txt extension to the file

Installing the certificate

  • Click on the downloaded root.cer file
  • This will start the Keychain Access application which manages application security (including SSL certificates) in Mac OS X
  • The Add Certificates window will appear and prompts for the name of the Keychain where the certificate will be installed
  • Select the X509 Anchors Keychain from the menu
  • Enter the username and password for an administrative account when prompted
  • Close the Keychain Access application

Note: You may need to restart Safari or Mail before the site certificate is used to trust SSL connections.

Note: SSL connections will only be trusted if the fully qualified name of the server is used i.e., server-name.cs.bham.ac.uk