Skip to main content

PFX Certificate Installation on Mac or Windows Browser

Introduction

This document provides information on installing a PFX certificate on an Apple Mac or Windows PC desktop using a supported browser type

Apple Mac

Windows PC

Chrome

Chrome

Firefox

Firefox

Safari

Prerequisites

1. SecureAuth IdP appliance with PFX realm instantiated

SecureAuth IdP Version

OS Version

6.x+

  • Windows Server 2008

  • Windows Server 2008 R2

  • Windows Server 2012

  • Windows Server 2012 R2

2. End-user account and Apple Mac / Windows PC desktop that uses a PFX certificate to authenticate to the VPN

PFX Certificate Installation Steps

Notice

Screenshots included in these steps were made on a SecureAuth IdP Version 9.0.0 configured to use the 2016 Light theme

Certificate installation pages the end-user sees may differ from these images depending on browser settings, SecureAuth IdP version, and theme configured on the Web Admin

Mac (Later IdP Version) - Chrome Browser Configuration Steps

1. In a Chrome browser, enter the URL for the PFX realm and Submit the username to be associated with the PFX file

43423086.png

2. Select an applicable method to receive a One Time Registration Code and click Submit

43423085.png

3. Input the One Time Registration Code disseminated from the previously selected method and click Submit

43423084.png

4. Input the Password credential for the previously supplied username and click Submit

43423126.png

5. Wait for the PFX file to be created; Chrome automatically saves the file to the Downloads directory

43423125.png

6. Navigate to the download path of the PFX certificate file

43423124.png

7.To install the PFX file, begin by double-clicking the file

When prompted for the privatekey Password, enter the same password supplied in step 4 and click OK

43423123.png

8. Keychain Access now starts, allowing end-user validation, verification and certificate viewing

43423122.png

Note

The steps above let the non-IPSec end-user install the PFX certificate for VPN access and connect to the VPN to be authenticated

IPSec and SSLVPN end-users must complete the remaining two steps below

Steps for IPSec Users and SSLVPN end-users

9.Right-click the PFX certificate and select New Identity Preference

43423250.png

10. Input the VPN URL used for authenticating with the PFX certificate

Select Add and then close Keychain Access

Notice

The trailing '/' of the URL string may or may not be required based on the browser cache

43423251.png

With the PFX certificate now installed, the VPN can now be accessed for authentication

Mac (Later IdP Version) - Firefox Browser Configuration Steps

1. In a Firefox browser, enter the URL for the PFX realm and Submit the username to be associated with the PFX file

43423121.png

2. Select an applicable method to receive a One Time Registration Code and click Submit

43423120.png

3. Input the One Time Registration Code disseminated from the previously selected method and clickSubmit

43423119.png

4. Input the Password credential for the previously supplied username and clickSubmit

43423118.png

5. After the PFX file is created, select Save File rather than Open with when prompted by the browser window, then click OK

43423117.png

6. Select Preferences from the Firefox application menu

43423116.png

7. Select the Advanced link and the Certificates sub-tab, and finally click View Certificates to start the Certificate Manager

43423115.png

8. With the Your Certificates tab selected, click Import

43423114.png

9. Input the VPN URL used for authenticating with the selected PFX Certificate and click Add

43423113.png

10. When prompted for the private key Password used to encrypt the certificate, supply the same password used in step 4 and click OK

43423112.png

11. The success Alert indicates the PFX certificate has been successfully imported and installed; click OK

43423111.png

12. Certificate Manager now lets the end-user validate, verify, and view the newly-installed certificate

Click OK to close Certificate Manager

43423110.png

With the PFX certificate now installed, the VPN can now be accessed for authentication

Mac (Later IdP Version) - Safari Browser Configuration Steps

1. In a Safari browser, enter the URL for the PFX realm and Submit the username to be associated with the PFX file

43423109.png

2. Select an applicable method to receive a One Time Registration Code and click Submit

43423108.png

3. Input the One Time Registration Code disseminated from the previously selected method and click Submit

43423107.png

4. Input the Password credential for the previously supplied username and click Submit

43423106.png

5. Wait for the PFX file to be generated; Safari 5.1 and later automatically accepts the download and saves it to the default download directory path: Users/[useraccountname]/Downloads

Navigate to the download directory path of the PFX certificate file

43423105.png

6. To install the PFX file, begin by double-clicking the file

When prompted for the privatekey Password, enter the same password supplied in step 4 and click OK

43423104.png

7. Keychain Access now starts, allowing end-user validation, verification and certificate viewing

43423103.png

Note

The steps above let the non-IPSec end-user install the PFX certificate for VPN access and connect to the VPN to be authenticated

IPSec end-users must complete the remaining two steps below

Steps for IPSec Users

8. Right-click the PFX certificate and select New Identity Preference

43423102.png

9. Input the VPN URL used for authenticating with the PFX certificate

Select Add and then close Keychain Access

Notice

The trailing '/' of the URL string may or may not be required based on the browser cache

43423101.png

With the PFX certificate now installed, the VPN can now be accessed for authentication

Windows (Later IdP Version) - Chrome Browser Configuration Steps

1. In a Chrome browser, enter the URL for the PFX realm and Submit the username to be associated with the PFX file

43423100.png

2. Select an applicable method to receive a One Time Registration Code and click Submit

43423099.png

3. Input the One Time Registration Code disseminated from the previously selected method and clickSubmit

43423098.png

4. Input the Password credential for the previously supplied username and clickSubmit

43423097.png

5. Wait for the PFX file to be created

43423096.png

6. Chrome automatically saves the file to the Downloads directory – by default the file is also accessible via the downloads tab at the bottom of the browser window

Double-click the PFX certificate file to start the Certificate Import Wizard

7. Leave the default Store Location setting and click Next

43423092.png

8. Browse to select the PFX certificate and click Next

43423091.png

9. When prompted for the privatekey Password, enter the same password supplied in step 4 and then click Next

43423090.png

10. Proceed with the default selection Automatically select the certificate store based on the type of certificate and click Next

43423089.png

11. The PFX certificate has now been successfully installed and the Certificate Import Wizard window can be closed by clicking Finish

43423088.png

12. Click OK to dismiss the success pop-up alert – the VPN can now be accessed for authentication

Windows (Later IdP Version) - Firefox Browser Configuration Steps

1. In a Firefox browser, enter the URL for the PFX realm and Submit the username to be associated with the PFX file

43423100.png

2. Select an applicable method to receive a One Time Registration Code and click Submit

43423099.png

3. Input the One Time Registration Code disseminated from the previously selected method and click Submit

43423098.png

4. Input the Password credential for the username previously supplied and click Submit

43423097.png

5. Wait for the PFX file to be created

Select Save File rather than Open with when prompted by the dialog, then click OK

43423095.png

6. Navigate to the download path of the PFX file and double-click it to start the Certificate Import Wizard

43423093.png

7. Leave the default Store Location setting and click Next

43423092.png

8. Browse to select the PFX certificate and click Next

43423091.png

9. When prompted for the private key Password used to encrypt the certificate, supply the same password used in step 4and click Next

43423090.png

10. Proceed with the default selection Automatically select the certificate store based on the type of certificate and click Next

43423089.png

11. The PFX certificate has now been successfully installed and the Certificate Import Wizard window can be closed by clicking Finish

43423088.png

12. Click OK to dismiss the success pop-up alert – the VPN can now be access for authentication