Quick Links

Home > Services > Getting Services > Certificates > Certificate Client Update Instructions

Certificate Client Update Instructions

If you are the system administrator for your desktop/laptop, please follow the instructions below for Windows, Mac, and Linux to update the client you use to obtain you KCA certificate by November 16, 2009. If you receive automatic security updates – such as patches – on your computer, your client will automatically receive the necessary update, and you do not need to take any action. On November 16, 2009, NetID Manager and get-cert will automatically begin requesting certificates from a new server. If you client is not updated, it will not obtain a certificate and you may lose access to sites and programs you need.

Windows | Mac | Linux

Windows

1. First open your NetID manager to see whether you need to update your certificate client.

NetID manager

Click on menu "Options -> Plugins".

NetID manager

Select "KCACred".

NetID manager

The version must be 2.2.0.2 or higher. If the version is lower, continue with step 2 to update your KCA client.

2. Log in to your computer as administrator.

3. Download the MSI installation file based on whether your computer is running a 32-bit version or a 64-bit version of the Windows operating system.

Click here to find out if your machine is running a 32-bit or 64-bit version of Windows OS.

If your computer is running a 32-bit version, please download http://www-pseekits/DesktopTools/NetIDMgr/Current/Ver-3-2-2/32-bit/kcaplugin-32bit-2_2_0_2-fermi.msi
If you computer is running a 64-bit version, please download http://www-pseekits/DesktopTools/NetIDMgr/Current/Ver-3-2-2/64-bit/kcaplugin-amd64-2_2_0_2-fermi.msi

4. Run the file and follow the dialog boxes presented.

5. Reboot the computer after the installation is complete.

Mac

1. Download the MacGetCert package.

MacGetCertv1

2. Click on "MacGetCertv1" and you will see 2 items: "GetCertInstallv1" and "RunGetCertv1".

MacGetCertv1

3. Double click on "GetCertInstallv1" to install it. Follow the dialog boxes presented.

MacGetCertv1

4. Next select the "RunGetCertv1" application and copy or drag it to "Applications".

RunGetCertv1

You will be prompted to authenticate with your administrator username and password. Click on "Authenticate" to proceed.

RunGetCertv1

How to use the new RunGetCert script

1. Go to "Applications" and double click "RunGetCertv1".

RunGetCertv1

It will close your Firefox browser if it is open.

RunGetCertv1

2. It will open up a terminal window and if you have no valid Kerberos ticket, it will prompt you to enter your Kerberos username and password to get one.

3. If you have set a master password for your Firefox browser (set under menu "Tools->Options...->Security" in your browser), it will prompt you to enter it. It will create your KCA certificate and import it into Firefox. The KCA certificate will remain valid for 7 days.

4. Relaunch your Firefox browser.

Linux

For Scientific Linux Fermi users (SLF4 or SLF5):

open a terminal window and execute the following command and your certificate client will get updated:

[user@localhost ~]$ yum update