The MIT certificate(s) installed on your computer will expire on July 30, 2022. You must renew these certificates by that date to retain access to MIT’s secure web applications, including Atlas, WebSIS, software downloads, and more.
Having a valid certificate is the first step in verifying your identity via MIT’s Touchstone authentication service. The second step is provided through Duo two-factor authentication. To access MIT’s secure online spaces, you need both a valid certificate and a device registered for use with Duo.
How to renew your certificates
You'll need to renew the certificate for each browser on every device you use. Renewal consists of downloading and installing replacement certificates for your expiring ones.
To install new certificates for Chrome, Edge, and Safari browsers, CertAid is the quickest and easiest solution. Download and install the latest version of CertAid from the IS&T software grid. Instructions for using CertAid can be found in the IS&T Knowledge Base (KB).
Recent versions of Firefox can also use certificates installed by CertAid. However, older versions cannot, in which case certificates must be manually installed. The KB has instructions for installing new certificates in Firefox.
Whether you use CertAid or install certificates manually, the use of Duo two-factor authentication is required. Be sure to have a Duo-registered device handy during installation.
Delete your old certificates
Once you install new certificates, deleting your old ones may help you avoid problems accessing sites and resources. IS&T strongly recommends deleting your old certificates unless you use S/MIME to sign or encrypt emails, in which case you should not delete them.
CertAid will prompt you to delete these old certificates after the new ones have been installed.
Verify your new certificates
To ensure your certificate installation was successful, you can test them using the Certificate Test page.
Update your Kerberos password
If your Kerberos password is over a year old, you will need to change it before you can renew your certificates. Choose a strong password and consider using a password manager to save passwords and increase your online security. LastPass Enterprise is available to MIT community members for no charge.
Note that IS&T will never ask you to send or reset your Kerberos password via email.
If you have any questions or concerns, contact the IS&T Service Desk.