Installing the LAFN Certificate On Your Computer

When accessing User Services, you may encounter an error message that says the certificate is invalid. You can either install the LAFN root certificate, or just accept the certificate and use it. LAFN uses certificates that are not regonized immediately by most computers. Hence, you should install our root certificate to access mail, User Services etc. Accepting the certificate will work, however, if your DNS server becomes corrupted you could end up trusting a server that does not belong to LAFN. Thats why we recommend installing the LAFN root certificate.

The error messages from the browsers are scarry and obnoxious. The developers found that users ignored the messages when they were more accurate. The LAFN root certificate is only used for generating certificates for LAFN services. We do not provide certificates to anyone else. Hence, it is completely trustworthy. Note, that the "offical" certificate authorities have issued valid Microsoft certificates to hackers on several occasions. Vetting a certificate requestor is a very difficult process and fairly easy to fool.

While the specific procedures are different for the various PC and Mac systems, they all rely on the same certificates.

First you must download the LAFN certificate. There are two different certificate formats (PEM and DER) that may be supported by your computer. The PEM format is most likely to download properly. It is in text format and all browsers can easily download it correctly. However, some versions of Windows do not handle PEM format certificates. In those cases you need to use the DER format. DER is a binary format and some browsers have a problem downloading binary files correctly. We recommend starting with the PEM format and then if you get an error message, download the DER format and try it.

Clicking on the PEM format should download the certificate and start up the certificate manager used by your browser. However, if it does not then you will need to use a right click (Windows) or Cntl-click (Mac) on the certificate below and save it to your disk. The specific location is not important other than you must be able to find it in later steps. If the certificate is downloaded with a file name that ends in .html (e.g., LAFN.pem.html) then you need to remove the trailing .html.

Determining which instructions below to use is a bit convoluted. First of all, each OS has a built in certificate manager. Some browsers, mail programs, news readers, etc. use them. However, Firefox, Mozilla, Opera possibly other have their own built-in certificate manager and do not use the OS manager. This means you will probably need to download and install the root certificate twice (or more): once for the OS, and once for each of the browsers identified above. Mail and news readers are most likely to use the certificate manager used by their associated browser.

Certificate Formats
LAFN PEM format DER format

Now you are ready to install the certificates. Here are available procedures:

Windows 98 through XP
Windows Vista
Windows 7
Mac OS-X (Tiger and earlier)
Mac OS-X (Leopard)
Firefox (Mac or PC)
Mozilla (Mac or PC)
SeaMonkey (Mac or PC)
Thunderbird (Mac or PC)
Opera (Mac, PC, or Linux)
Mac OS 9 - Netscape

To test the certificate installation, click on Test LAFN Certificate. If you get any dialog boxes about accepting the certificate then the installation process was not successful.

This page last updated: Apr 9, 2015