Download Certificate Authority Certificates

CSAIL has three certificate authorities: one top-level ("root", "trusted") CA signs the certificates of two intermediate CAs, which then sign the certificates of clients and servers. For Web browsers, email clients, and other client software, you may need only the top-level CA, or you may need only the intermediate CAs, depending on the program and version. For servers, you will need all three certificates; choose the format appropriate for your SSL/TLS library.

If you have...	Then install these certificates...
Firefox	Master CA v2
Internet Explorer	Master CA v2
Opera	Master CA v2
Safari	Master CA v2 (must be installed in System Roots keychain [X509Anchors in 10.4])
Chrome	Same as the "native" browser for your platform
Older Netscape and Mozilla browsers	Server CA, Client CA
Thunderbird	Server CA, Client CA

CA Name	Format
CSAIL Master CA v2	PEM (ASCII-armored, for OpenSSL)
CSAIL Master CA v2	DER (binary, for Windows and all browsers)
CSAIL Client CA	PEM (ASCII-armored, for OpenSSL)
CSAIL Client CA	DER (binary, for Windows and all browsers)
CSAIL Server CA	PEM (ASCII-armored, for OpenSSL)
CSAIL Server CA	DER (binary, for Windows and all browsers)
W3C Server CA	PEM (ASCII-armored, for OpenSSL)
W3C Server CA	DER (binary, for Windows and all browsers)