Access Keys:
Skip to content (Access Key - 0)

CertAid 2.2.6 for Mac

On this page:

Install/Renew Certificates

Follow these steps to install/renew your certificates for use in Safari and Chrome on Mac OS X 10.10 and newer.

CertAid will not successfully install on versions prior OS X 10.10
  1. Download and launch CertAid.
    Note: Install any updates if prompted. If you receive a message that states "Certaid can't be opened because the identity of the developer cannot be confirmed", please go to this link: Mac OS X - Identity of developer cannot be confirmed
    Result: The Welcome to CertAid screen is displayed.


  2. Select Request or renew an MIT certificate and click Continue.
    Result: The Verify Your Identity screen is displayed.


  3. Enter your Kerberos username and Kerberos password, select your two-factor (Duo) authentication option, and click Continue.
    Result: If you used the "Duo Push," "SMS Passcode" or "Call Me" option, you will receive a push notification or call. If you used a Duo or Yubikey passcode, proceed to step 5.

  4. Complete your Duo two-factor authentication by accepting the push or entering the code you're given by SMS or phone call.
    Result: The Request Certificate screen is displayed.


  5. Enter a Certificate Life, or leave the default value (the maximum certificate life), and click Continue.
    Note: Most users should accept the default value.
    Result: The Install Your Certificates screen is displayed.


    Note: If CertAid finds one or more existing certificates, you will be asked if you want to delete them. If you have used S/MIME for email encryption, do not delete your certificates. For more information, see Should I Delete My Old or Expired Personal Certificate?.

    Note: If you are prompted for a keychain password on each certificate added during this step (not just once or twice), manually remove all mit.edu trusted site entries from the users keychain and try again. 

  6. The Install Your Certificates window displays the progress of installing the MIT Certificate Authority and your personal certificate. Once these steps are completed, click Continue.
    Result: The Identity Preferences screen is displayed.


  7. The Identity Preferences window displays the progress of configuring your personal certificate to work with certain certificate-protected MIT websites. Once completed, click Done.

    Result: CertAid quits.

  8. The first time you attempt to use your new certificate, you will see this prompt. Click Always Allow. If prompted for a password, enter the logon password for the MacOS user account.


    You must select Always Allow, otherwise this prompt will continually recur. This is often mistaken for a failed password entry attempt, but it is the expected behavior when Allow is clicked instead of Always Allow.

Using CertAid 2.x to Configure Existing Certificates on Mac OS X 10.10 & newer

See Also

IS&T Contributions

Documentation and information provided by IS&T staff members


Last Modified:

August 06, 2021

Get Help

Request help
from the Help Desk
Report a security incident
to the Security Team
Labels:
certaid certaid Delete
c-certaid c-certaid Delete
certificate certificate Delete
mac mac Delete
osx osx Delete
install install Delete
el el Delete
capitan capitan Delete
macos macos Delete
sierra sierra Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.
Feedback
This product/service is:
Easy to use
Average
Difficult to use

This article is:
Helpful
Inaccurate
Obsolete
Adaptavist Theme Builder (4.2.3) Powered by Atlassian Confluence 3.5.13, the Enterprise Wiki