various certificates installation ... -...

Various Certificates Installation / Uninstallation Procedure

（macOS）

R-CCS – R-CCS-Net Helpdesk

1 / 9 Created on Mar. 19th, 2019, Update on ------

Various Certificates Installation / Uninstallation Procedure (macOS)

Pictures on this document are the screen of Windows10.

Client certificates and an intermediate certificate are used for wireless LAN (r-ccs-wlan) and

VPN connections.

Do not change the file name of the certificate, as it may cause a connection error.

Client certificates are issued for each division to which you belong. When you belong to other

divisions too, it is necessary to install a client certificate of each division.

When you leave the department or R-CCS, you need to uninstall (Step 3) the client

certificates.

■Table of contents (Link to each procedure)

1. Client Certificate Installation Procedure

2. Intermediate Certificate Installation Procedure

3. Client Certificate Uninstallation Procedure

■Client Certificate Installation Procedure

1. Save a client certificate (“.p12” file) to any location on your device, and then double-click on

it.

*The client certificate issued by R-CCS-Net Application is attached to the notification email of

completion of the R-CCS-Net Application.

2. (Subject : 【R-CCS-Net】R-CCS-Net 利用申請完了通知 / Completion of R-CCS-Net Application)

3. If a dialog about certificate addition is displayed, confirm that Keychain is “login” and click on

[Add].


（macOS）



4. Enter the password received by sealed letter or Garoon "Message" into a password dialog and

click on [OK].

5. Select “login” in Keychain and “Certificates” in Category at the left pane, and then double-

click on “R-CCS-NET-CA” at the right pane.

*If you use the certificate issued before Apr 15th, 2018, please select “AICS-Net-2017-CA”.

6. Select “Always Trust” in “When using this certificate”, and close this window.


（macOS）



7. If a password dialog is displayed, enter the password of your device and click on [Update

Settings]. After update, please confirm that the blue plus icon is displayed at the bottom left

of “R-CCS-NET-CA”.

8. Click on disclosure triangle at the left your client certificate and double-click on private key

(key mark).

9. Change “Name” to the same name of your client certificate, click on [Save Changes] and close

this window.


（macOS）



10. Select “System Roots” in Keychain and “Certificates” in Category at the left pane, and then

double-click on “Security Communication RootCA2” at the right pane.

11. Change “Always Trust” in “When using this certificate” and close this window.


Settings]. After update, please confirm that the blue plus icon is displayed at the bottom left

of “Security Communication RootCA2”.

That's the end of installation procedure.


（macOS）



■Intermediate Certificate Installation Procedure

1. Download the file [nii-odca3sha2ct.cer], save it anywhere and double-click it to run.

2. If a dialog as following is displayed, please fill the login user name and device password and

click [Modify Keychain].

3. Open [Keychain Access], on the left pane, select [Certificates] in [Category] and select [login]

or [System] in [Keychains], make sure [NII Open Domain CA-G5] was installed.

https://repo1.secomtrust.net/sppca/nii/odca3/nii-odca3sha2ct.cer


（macOS）



4. That's the end of installation procedure.

If you can’t install by the above procedure, please try the below procedure.

5. Open [Keychain Access], click to [File] > [Import Items...].

6. Please select the intermediate certificate file [nii-odca3sha2ct.cer] and click [Open].


（macOS）



7. If a dialog as following is displayed, please fill the login user name and device password and

click [Modify Keychain].

8. Open [Keychain Access], on the left pane, select [Certificates] in [Category] and select [login]

or [System] in [Keychains], make sure [NII Open Domain CA-G5] was installed.

9. That's the end of installation procedure.


（macOS）



■Client Certificate Uninstallation Procedure

1. Open the Keychain Access app, which is in the Utilities folder of your Application folder.

2. Select [login] in “Keychain” and [All Items] in “Category” at the left pane and select the

following 4 items. And then, hold down the control key and click on them, and click on [Delete

4 items].

・Client Certificate

・Private Key (the same name of client certificate)

・Root Certificate (R-CCS-NET-CA, AICS-Net-2017-CA or AICS-Net-CA)

・Identity Preference (https://vpn.aics.riken.jp/)

*If you have connected to R-CCS-Net with VPN client software “Cisco AnyConnect”, you may

have created the identity preference.

*If you have multiple certificates, please delete them all when you leave R-CCS. When leaving

one department among multiple affiliations, please delete only the client certificate of the

leaving department. You can confirm the department of the certificate by the 4-digit number

of the client certificate name.

Network to use Certificate *yyyy…issued year

Administration Division r●●●●●●-1214-yyyy

Research Team r●●●●●●-1237-yyyy

FS2020 r●●●●●●-1234-yyyy

Operations and Computer Technologies Division r●●●●●●-1216-yyyy


（macOS）



3. If the following confirmation dialog is displayed, click on [Delete] button.


Settings] button.

That's the end of uninstallation procedure.

various certificates installation ... -...

Documents