Kimo Johnson

16 May 2006

The webmasters at Dartmouth have decided to force intel mac users to always use HTTPS when connecting to any site at dartmouth.edu. For whatever reason, I can no longer connect to the site, and other people have been reporting the same problem on the discussion forums at apple.com. When we attempt to connect, we get a "client certificate rejected" error. The page does load in other browsers, however.

Whatever the reason is for this error, it’s bad that a user cannot access Dartmouth’s main page. I hope for Dartmouth’s sake that it gets fixed soon.

Broken page

Update: I reported this problem to the webmaster at Dartmouth and after many emails back and forth, he fixed the problem. It turns out they had configured their web servers to force Intel Macs to connect using HTTPS. As a result, the web server was asking Safari for a certificate, Safari was returning a certificate I received from .Mac, and the web server was rejecting the certificate because it could not verify it. Users with Dartmouth certificates could access the server, and users without certificates could also access the server. Anyone with a non-Dartmouth certificate (and no Dartmouth certificate) was being rejected.

The webmasters had originally considered this to be a very rare situation, but when they learned I received the certificate as a .Mac member, they changed the settings on the web server. So now I can access the Dartmouth web page from Safari, and I can also get to restricted pages since I added a Dartmouth certificate to my Keychain.