Your personal device(s) is receiving a certificate is “unsafe” or “not trusted” error browsing the web on YESNet, the school network and/or you can’t do a webfilter override.

Affected: Limited to personal devices (Bring Your Own Device aka BYOD) using the school network. Please note this a new certificate for the 2019/20 school year.
Unaffected: Devices provided to the school and 1to1 program devices


To ensure your personal device (BYOD) is configured to allow for web navigation on the school network (and to allow for overrides) see the instructions below:

NOTE: The Firefox browser requires additional steps to trust SSL inspection. Currently Firefox will not work for users on personal devices. ITSS will update this article when a reliable solution is tested.


1. For MacOS – Procedure may vary depending on operating system. Double click the downloaded certificate – Keychain Access will open on your Mac. Ensure System Keychain is selected. Click Allow, enter your password to authorize.






2. After adding the certificate you must ensure it is trusted. Select the certificate in Keychain Access and double click to modify settings ensuring certificate is Always Trusted.










3. Restart your browser


You will need to follow the following steps to trust a certificate included in a profile. Navigate to this page using Safari.

  1. Tap on the Web Certificate link at the beginning of this article.
  2. Open the Settings App, navigate to General>Profiles & Device Management
  3. Tap
  4. Allow and authorize installation (Install button is in the top right corner).
  5. Confirm certificate is trusted: Open Settings.
  6. Navigate to General and then About.
  7. Select Certificate Trust Settings.
  8. Each root that has been installed via a profile will be listed below the heading Enable Full Trust For Root Certificates. Users can toggle on/off trust for each root
  1. Double click the downloaded certificate.
  2. Follow prompts provided. For reference here is a quick overview –
  1. Tap on the Web Certificate link at the beginning of this article.
  2. Approve to download
  3. Tap Open File
  4. Certificate is now installed.
  5. Open browser and navigate to desired website.
  6. If File does not Open, navigate to File Manager on your Android Device. Open from this location. If prompted name the Certificate as you like (e.g. Palo) and select for VPN and Apps.

What Changed & Why?

ITSS had to install a critical update one of the systems that safeguards our school network which “enforced” a setting we were able to previously turn off.

This setting requires personal devices to download, install and trust the certificate we use on the school network.

Is My Personal Device & Data Safe?

Yes. Installing / trusting the certificate is absolutely safe.