• F&A LEADERSHIP
  • Leadership Staff
  • Senior Vice President
• EMPLOYMENT SERVICES
  • Career Zone
  • Human Resources
  • Student Employment
• FINANCIAL SERVICES
  • Accounting
  • Budget
  • Controller
  • Payroll
  • Student Financial Services
• BUSINESS SERVICES
  • Better Me
  • Bookstore
  • Center for Professional Development
  • Digital Den
  • Dining Services
  • Facilities Management
  • Gordon Field House
  • Housing Operations
  • Human Resources
  • Information & Technology Services
  • Institutional Research
  • Parking & Transportation
  • Print & Postal Hub
  • Procurement Services
  • RIT Inn & Conference Center
  • Student Auxiliary Services
  • Tiger Bucks Program
  • University Gallery
• RISK MANAGEMENT
  • Business Continuity
  • Emergency Preparedness
  • Environmental Health & Safety
  • Ethics & Compliance
  • Global Risk Management Services
  • Information Security
  • Institute Audit, Compliance & Advisement
  • Legal Affairs
  • Public Safety

• F&A Home
• ITS
• Services
• Certificate Authority

RIT Certificate Authority

The RIT Certificate Authority, created and maintained by ITS, provides a chain of trust for electronic communications. It forms the basis of a public key infrastructure for services (particularly those protected with SSL/TLS encryption) of value to the campus.

We recommend that all RIT-owned computers import and trust the RIT Certificate Authority. Importing the certificate for the RIT Certificate Authority (CA) allows your computer to accurately identify other certificates that are chained from it. Trusting the imported CA certificate avoids presenting dialogs to you when it encounters a service that has been signed by it.

The RIT CA certificates may be imported and trusted on your personal computer, as well.

Install the certificates and set up trust

We provide standalone installer-based tools for you to import and trust the RIT CA. These are the easiest methods of importing and trusting the relevant certificates, so we recommend you use these installers if you have administrator-level privileges on your computer.

The installers import multiple RIT CA certificates and set up trust for the RIT CA itself in the operating system’s default certificate store:

• On Windows, this store is used by the operating system and the Microsoft Internet Explorer Web browser.
• On Mac OS X, the store is used by most applications, including the Apple Safari Web browser. The certificate store is available through the Keychain Access utility.

The installers do not currently affect third-party applications that do not make use of the operating system’s certificate store. The most common example is the Mozilla Firefox browser.

The installers above are suitable for use on your own computer as well as managed RIT-owned computers. However, Microsoft Windows computers bound to either the MAIN or FINANCE Active Directory domains already trust the certificates and do not need to run the Windows installer linked above.

Manually import and trust the RIT Certificate Authority

If you do not have a computer or device compatible with the installer tools above, you can manually import the RIT CA files. Operating systems and Web browsers typically provide a way to do this.

Importing the certificates and trusting the RIT CA manually is one way to set up the RIT CA in certain third-party applications, such as Mozilla Firefox, that do not use the operating system certificate store.

Download bundled certificates

Download the RIT Certificate Authority certificates as a single “p7b” bundle if the installers above do not work for your system or device. This method works with the Microsoft Internet Explorer Certificate Import Wizard, for example.

Download individual certificates

Download the RIT Certificate Authority certificates as individual “DER” files if the bundle does not work. The individual certificates work better for use with the Keychain Access utility on Mac OS X systems, for example, and can be double-clicked in the Mac OS X Finder.

If you get only one of the files below, be sure to get the “RIT Certificate Authority.cer” file, as that is the most important one — it’s the root certificate that you will want to trust.

Contact us for help

To request desktop support, please contact the ITS Service Desk via

• Phone - (585) 475-HELP
• TTY - (585) 475-2810
• E-mail - helpdesk@rit.edu
• In person - Gannett Building, Room 7B-1113