Benefits and key features
Certificates are a safe way for MIT web applications to identify you without you needing to type in a username and password. Certificates expire once per year, creating the need to renew them annually.
Personal certificates obtained starting June 30, 2014 are valid until July 31, 2015. The MIT Certificate Authority (CA) is valid until August 2026. Learn more.
To access MIT's secure web servers you actually need two different types of certificates: the MIT CA (Certification Authority), and your MIT personal certificate.
The MIT Certificate Authority (MIT CA) authenticates the secure web server to your computer. They are valid for several years.
Note: Browsers come with a group of other certificate signers (also known as certificate or root authorities) pre-installed; you are adding the MIT Certification Authority to this group.
Your MIT Personal Certificate "authenticates" you and your computer to the web page or application you are accessing. This personal certificate is "signed" by the MIT CA and associates you with your Kerberos username and password. It proves to the secure web server that you are who you claim to be.
Before obtaining certificates, make sure you have the following:
- Your MIT ID number
- Your Kerberos username and password
- An MIT-supported web browser installed on each computer for which you are getting certificates
Note: You will be required to change your Kerberos password during certificate renewal if your existing password is older than one year. Learn more.