Sorry, you need to enable JavaScript to visit this website.

RIT Certificate Authority

RIT Certificate Authority

The RIT Certificate Authority, created and maintained by ITS, provides a chain of trust for electronic communications. It forms the basis of a public key infrastructure for services (particularly those protected with SSL/TLS encryption) of value to the campus.

We recommend that all RIT-owned computers import and trust the RIT Certificate Authority. In nearly all cases, your System Administrators have taken care of this for you, and the below certificates should not be necessary. Importing the certificate for the RIT Certificate Authority (CA) allows your computer to accurately identify other certificates that are chained from it. Trusting the imported CA certificate avoids presenting dialogs to you when it encounters a service that has been signed by it.

The RIT CA certificates may be imported and trusted on your personal computer, as well, using the files below. This is required for certain files and services.

Manually import and trust the RIT Certificate Authority

If necessary, you can easily manually import the RIT CA files below. Operating systems and Web browsers typically provide a way to do this, which can vary. Please contact ITS Resnet for assistance with manually importing these certificates, if necessary.

Importing the certificates and trusting the RIT CA manually is one way to set up the RIT CA in certain third-party applications, such as Mozilla Firefox, that do not use the operating system certificate store.

These certificates are only good for several years at a time, and must be re-imported and trusted as new ones are posted.

Download certificates bundle

Download all RIT/ITS Certificate Authority certificates in a single PKCS #7 Certficate bundle.

RIT Certificate Authorities BUndle


(Right Click -> Save As on link above)


Expiration: June 2019

Download individual certificates

Download the RIT Certificate Authority certificates as individual “DER” files below. In most cases, it is necessary to import all certificates below, so the chain of trust is complete.

For this certificate … Download this file …
RIT Certificate Authority 
(trusted root)

RIT Certificate Authority.cer

(Right Click -> Save As on link above)


Expiration: 6/8/2019

ITS Certificate Authority 

ITS Certificate Authority.cer

(Right Click -> Save As on link above)


Expiration: 6/7/2019

RIT AD Certificate Authority 

RIT AD Certificate Authority.cer

(Right Click -> Save As on link above)


Expiration: 6/8/2019

Contact us for help

To request assistance with installing these certificates, please contact the ITS Service Desk

Note: For assistance with  personally owned computers, please go to the RESNET home page.