Installing the Certificate Authority on BYOD devices

Certificate Authorities and HTTPS Interception

This Smoothwall web filter can be configured to use HTTPS Interception. For this to work as smoothly as possible, your device may require an additional certificate authority to avoid problems with HTTPS sites, in particular those with HSTS or HTTPS certificate pinning.

The Certificate Authority will be available from the IT team

Internet Explorer

• Get the Certificate Authority from IT or from http://intranet.xaverian.ac.uk/Certificate/
• From the Control Panel, open Internet Options
• Go to Content > Certificates
• Go to the Trusted Root Certification Authorities tab
• Click Import
• Navigate to your download directory and select the file you downloaded earlier
• Click OK
• Restart Internet Explorer

Chrome (Windows)

• Get the Certificate Authority from IT or from http://intranet.xaverian.ac.uk/Certificate/Fortinet_CA_SSL.cer
• Go to Menu > Settings
• Expand Show advanced settings
• Go to HTTPS/SSL > Manage certificates...
• Go to the Trusted Root Certification Authorities tab
• Click Import
• Navigate to your download directory and select the file you downloaded earlier
• Click OK
• Click Finished and close the settings tab
• Restart Chrome

Firefox (Windows)

• Get the Certificate Authority from IT or from http://intranet.xaverian.ac.uk/Certificate/Fortinet_CA_SSL.cer and click the Download the certificate button
• When prompted select Trust this CA to identify web sites and click OK
• Restart Firefox

Safari (OS X)

• Get the Certificate Authority from IT or from http://intranet.xaverian.ac.uk/Certificate/Fortinet_CA_SSL.cer
• From the Finder menu, go to Go > Utilities.
• Launch the Keychain Access application
• From the Keychains panel, click System
• From the Category panel, click Certificates
• Create a new keychain by clicking the [ + ] at the bottom of the Keychain Access window
• Navigate to your download directory and select the certificate file
• Click Open
• If prompted, enter your MAC password and click Modify Keychain Access
• Double-click the relevant certificate in the list
• Expand the Trust section
• In the When using this certificate drop-down, select Always Trust
• Close the certificate window
• When prompted, enter your MAC password to confirm the changes and click Update Settings
• Close the Keychain Access window
• iPad, iPhone, iPod, iOS (Safari)
• Click the Download the certificate button
• When prompted, press Install
• If prompted, enter or configure your password to confirm
• Navigate to Settings > General > About > Certificate Trust Settings and enable Full Trust for Root certificates

Android (Chrome)

• Get the Certificate Authority from IT or from http://intranet.xaverian.ac.uk/Certificate/Fortinet_CA_SSL.cer
• When prompted, enter a name of your choice for the certificate
• Click OK, If prompted, enter or configure your password to confirm
• If prompted, enter a certificate name
• If prompted, from the Credentials use drop-down select VPN and apps
• Click OK
• To confirm certificate installation was successful, navigate to Settings > Trusted credentials
• Select the User tab to view user installed certificates

Chromebook, ChromeOS

• Get the Certificate Authority from IT or from http://intranet.xaverian.ac.uk/Certificate/Fortinet_CA_SSL.cer
• Go to Menu > Settings
• Expand Show advanced settings
• Go to HTTPS/SSL and click Manage certificates...
• Go to Authorities and click Import...
• Navigate to your download directory and select the file you downloaded earlier
• Select Trust this certificate for identifying websites
• Click OK
• Click Finished and close the settings tab