Network Engineering & Technology
George Mason University
Aquia Building, Mailstop 1B5
4400 University Dr.
Fairfax VA, 2030-4444
July 12, 2013
Mac Lion using Firefox to export certificate
There are two parts of this process, please make sure to complete both parts. Activate your wireless connection to the Mason network. Then, using Firefox follow the steps below:
- Connect to https://uac.gmu.edu.
- Select Tools > Page Info > Security > View Certificate > Details > Export.
- Save the certificate to your hard drive in the X.509 Certificate (PEM) format with an extension of .crt (e.g., uac.gmu.edu.crt).
- Close Firefox.
Import the certificate into a Mac keychain with the following steps:
- Open Keychain Access.app (this can be done by using the Spotlight tool, entering “keychain” in the search box and selecting “Keychain Access” from the results provided).
- Select login in the keychains window on the left.
- Drag the certificate saved above from Finder into the right Keychain Access window (it will create a new keychain line, uac.gmu.edu).
- Double click on the certificate (uac.gmu.edu) and expand the Trust section.
- Choose "When using this certificate: Always Trust."
- Close the popup window. You may be asked to enter your password to update the settings.
- Close Keychain Access.
When you run Safari*, it will now be able to connect to the secure captive portal page.
Limitations of the Fix
The downside to this procedure is that if the secure captive portal certificate is compromised, the user's system will not check and will continue to trust the certificate. If this does happen, then it is likely that Mason (or the other secure captive portal site) will replace the certificate before Apple is aware of the problem. The user will again not be able to access the site via the secure captive portal and will be made aware that they will need to remove the old certificate and add the new certificate.
*A new user will also have to confirm that Java is installed and enabled on their system.
How to check to see if Java is installed and enabled:
- Open Java Preferences (Launchpad -> Utilities -> Java Preferences).
- On the General tab, just below the tabs, ‘Enable-applet-plugin’ should be checked.
Also on the General tab, there should be versions of Java listed in the large window at the bottom. If you do not already have a version of Java loaded, you will need to download one. This cannot be done from the wireless network. You will need to establish a network connection at some other location, connect to java.com, and follow the directions for installing Java on your system.