Department of Astronomy Root Certificate Installation

Secure mail, secure reading of mail through imap or pop, and secure web pages are protected by digital certificates that are signed by the University of Maryland Department of Astronomy Root Certificate. To avoid having to click through those annoying pop-up boxes every time you load a page that is secured with a Department of Astronomy signed certificate, install the Department of Astronomy Root Certificate into your browser.

Install Department of Astronomy root certificate.

After you click on the link above, a pop-up may appear. This is the pop-up that appears when you use the firefox web browser:

To avoid secure server dialogs from a web browser, the trust for network/web sites box and the trust for email users box should be checked. If by mistake you install this certificate without checking those the boxes, you will not be able to use this certificate even though it is now installed. You can recover from this situation by either deleting the certificate with your browser preferences and trying again or by using your browser preferences to edit the trust settings for this certificate.

In firefox: to delete this certificate:
Edit->Preferences->Advanced->Encryption->View Certificates->University of Maryland->astro.umd.edu->Delete
To edit the trust settings for this certificate:
Edit->Preferences->Advanced->Encryption->View Certificates->University of Maryland->astro.umd.edu->Edit

Other programs which are not web-based that require access to certificates may have different ways of obtaining access to those certificates. The department Linux and Solaris workstations have already been set up with whatever is required for those programs to work. However, programs on your own laptops or home computers may require that you do some of your own setup. Web browsers or web browser-like programs can be configured with the instructions on the top of this page. However, what is required by other programs may be more complicated. Many programs can made aware of the department root certificate by appending the root certificate to a particular file. On CentOS 5 this file is /etc/pki/tls/certs/ca-bundle.crt. On the department workstations, this has already been done. This satisfies pine and alpine on these computers. On other operating systems, including other versions of Linux, the location of this file is likely to be different.

Here is the root certificate in PEM text form. It can be appended to whatever file on your computer requires it.