Metasofa Media Co-op
Metasofa Certificate Authority
If you're signing in to the Metasofa Timebank or your web intercom, or if you want to send us a message securely, or view Metasofa webpages with https instead of http, you might get a scary warning from your browser ("not private", "unsafe website", "untrusted / self-signed certificate", "invalid authority", "unknown issuer", "can't verify identity", etc)
No need to panic! It's normal and good for your browser to give these warnings, but in this case don't worry, just tell your browser to keep going forward... (click OK, Continue, Unsafe, Advanced, Show, View, Visit, etc)
This will temporarily encrypt the session to prevent internet eavesdropping and password theft, but you'll need to pay attention each time you connect to be sure it's the genuine website.
For better ongoing security, you can install the Metasofa Root CA certificate so your web browser can automatically verify Metasofa secure sites & encryption keys with every connection.
Important note - of course always use caution whenever installing or updating any software or security certificates, and trust only known sources. For general information on web security, certificates, and public key infrastructure, please see the info links below. For a technical overview and current listing of all Metasofa certificates, see certificates below.
1. If you're not already on the secure version of this webpage, please go there, temporarily bypassing security warnings if necessary as described above. If you're not sure this is the real secure.metasofa.org, please contact us directly.
2. Click any of these 4 file-names to download the Metasofa Root CA certificate into your web browser or system. All of these files contain the same certificate, but some file formats may install easier than others depending on your browser or system. (try .crt first)
metasofa-2014-root.crt or metasofa-2014-root.pem (2k text) or
metasofa-2014-root.cer or metasofa-2014-root.der (1.5k binary)
3-a. If your browser offers to install the certificate directly (eg, Firefox, iPhone, iPad), check appropriate options if any, and click Install or Trust or OK to approve installation of the certificate.
3-b. If your browser only downloads the file and doesn't offer to install it (eg, Chrome, Safari, IE, or others), find the file in your Downloads folder and double-click to open it with the your system's certificate manager. You'll need to approve installation of the certificate.
The Metasofa Root CA certificate should be trusted for x509 and/or Certificate Signing, depending on your browser. If you set your trust preferences to "Always Ask", you'll know whenever your browser is referring to the certificate.
Installation should take only a few seconds. If you get an error message or the certificate doesn't install, try again with a different file format above, or consult the help manual for your browser or system on "How to install / remove a Root Certificate or Certificate Authority".
There is one Metasofa Root CA certificate. This is used to sign and validate Metasofa Server certificates for various projects of the Metasofa Media Co-op. (see above for how to install the Metasofa Root CA certificate)
Metasofa Root CA - metasofa-2014-root.crt or .pem, .cer, .der (valid 2014-2033)
Metasofa Server ( *.metasofa.org ) - metasofa-2022-server.crt (valid 2022-2024)
This is a complete and current list of all valid Metasofa certificates. Other / older Metasofa certificates are obsolete and should be deleted. Please feel free to contact us directly if you're not sure of the validity of these certificates or this webpage.
updated 2022 June 17
Details for Metasofa Root CA
HTTPS secure web protocol (wikipedia)
Self-signed certificate and Certificate authority (wikipedia)
Digital certificates and Public Key Infrastructure (wikipedia)
X.509 (wikipedia) and RFC 5280 & 6818 (ietf standards track)
OpenSSL.org - open source software libraries & utilities
Let's Encrypt - free, automated, open certificate authority
Metasofa Certificate Authority
Metasofa Media Co-op