Download Certificate Authority Certificates

CSAIL has three certificate authorities: one top-level ("root", "trusted") CA signs the certificates of two intermediate CAs, which then sign the certificates of clients and servers. For Web browsers, email clients, and other client software, you may need only the top-level CA, or you may need only the intermediate CAs, depending on the program and version. For servers, you will need all three certificates; choose the format appropriate for your SSL/TLS library.

If you have... Then install these certificates...
Firefox Master CA v2
Internet Explorer Master CA v2
Opera Master CA v2
Safari Master CA v2 (must be installed in System Roots keychain [X509Anchors in 10.4])
Chrome Same as the "native" browser for your platform
Older Netscape and Mozilla browsers Server CA, Client CA
Thunderbird Server CA, Client CA
CA Name Format
CSAIL Master CA v2 PEM (ASCII-armored, for OpenSSL)
CSAIL Master CA v2 DER (binary, for Windows and all browsers)
CSAIL Client CA PEM (ASCII-armored, for OpenSSL)
CSAIL Client CA DER (binary, for Windows and all browsers)
CSAIL Server CA PEM (ASCII-armored, for OpenSSL)
CSAIL Server CA DER (binary, for Windows and all browsers)
W3C Server CA PEM (ASCII-armored, for OpenSSL)
W3C Server CA DER (binary, for Windows and all browsers)