Carnegie Mellon University

Connect to CMU-SECURE

WHAT CAN I CONNECT? | SETUP AND CONNECT

CMU-SECURE is the preferred wireless network for students, faculty and staff. Use CMU-SECURE to connect your laptop or desktop computer, tablet or smartphone to secure wireless at CMU.

What can I connect?

Devices you can connect to CMU-SECURE include, but are not limited to: smartphones, laptop and desktop computers, Chromebooks, iPads, and other tablets.

smartphone
tablet
laptop
computer

Setup and Connect to CMU-SECURE

To connect, follow the appropriate steps for your device/operating system.

  1. Once on campus, locate the wireless configuration settings.
  2. Select CMU-SECURE from your Wi-Fi network list.
  3. Click Connect.
  4. When prompted, enter the following:
    • Security: EAP
    • EAP method: PEAP
    • EAP Phase 2 authentication: MSCHAPv2
    • Security CA certificate: Do not check
    • Identity: your Andrew userID
    • Password: your Andrew password
  1. Once on campus, locate your wireless configuration settings.
  2. Select CMU-SECURE from your Wi-Fi network list.
  3. Enter the following information (terminology may vary; your computer may not require all these settings):
    • Wireless security: WPA2 Enterprise
    • Authentication: Protected EAP (PEAP)
    • CA certificate: USERTrust RSA Certification Authority (See step 3 for details.)
    • PEAP Version: Automatic or Version 0
    • Inner/Phase 2 authentication: MSCHAPv2
    • Username: Andrew userID
    • Password: Andrew password
  4. Do one of the following:
    • If prompted, verify and accept the CMU wireless certificate.
    • If not prompted, manually download and install the certificate from the COMODO website. 
    • If checking the fingerprint of the COMODO certificate, you should match this fingerprint:
      SHA1: 2B:8F:1B:57:33:0D:BB:A2:D0:7A:6C:51:F7:0E:E9:0D:DA:B9:AD:8E
  1. Once on campus, click the Apple menu (top-left) and click System Preferences.
  2. Click Network, then click Turn Wi-Fi On.
  3. Select CMU-SECURE in the Network Name list.
  4. If prompted, enter your Andrew userID and password, then click OK.
  5. Click Show Certificate, then click verify and accept and click Continue.
  6. Close System Preferences.
  1. Once on campus, locate the wireless configuration settings on your computer.
  2. Select CMU-SECURE from your Wi-Fi network list.
  3. Click Connect.
  4. If prompted, enter your Andrew userID and password, then click OK.
  5. If prompted with a Security Alert, click Details.
  6. Verify and accept
  7. Click Connect.

Still can't connect? Follow the manual connection steps. 

  1. Once on campus, locate your wireless configuration settings.
  2. Select CMU-SECURE from your Wi-Fi network list.
  3. When prompted, enter the following:
    Username: Andrew userID
    Password: Andrew password
  4. If prompted, verify and accept the CMU wireless certificate.
  1. Once on campus, locate your wireless configuration settings.
  2. Find CMU-SECURE in your Wi-Fi list.
  3. When prompted, enter the following:
    • EAP method: PEAP
    • Phase 2 authentication: MSCHAPV2
    • CA certificate: Use System Certificate
    • Domain: wireless.cmu.edu
    • User certificate: Unspecified
    • Identity: Andrew userID
    • Password: Andrew password
  4. Do one of the following:
    • If prompted, verify and accept the CMU wireless certificate.

      Note: You may not be able to select a CMU wireless certificate on some Android devices, but you will be connected to CMU-Secure after you compete Steps 1-3.

    • If not prompted:
      1. Turn off your wireless connection and manually download and install the certificate from the COMODO website using your provider's 4G/LTE service.
      2. Select either CA Certificate or the certificate you downloaded and installed when prompted for the certificate.
      3. Turn on your wireless connection, and select CMU-SECURE in your Wi-Fi list.
      4. Enter the information provided in Step 3

Note: Terminology may vary across devices. Contact your vendor for terminology specific to your device.

  1. Once on campus, locate your wireless configuration settings.
  2. Select CMU-SECURE from your Wi-Fi network list.
  3. When prompted, enter any of the following as required for your device:
    • Wireless security: WPA2 Enterprise
    • Authentication: Protected EAP (PEAP)
    • CA certificate: USERTrust RSA Certification Authority or Unspecified
    • User certificate: Unspecified
    • Inner/Phase 2 authentication: MSCHAPv2
    • Username/Identity: Andrew userID.
    • Password: Andrew password.
  4. If prompted, verify and accept the CMU wireless certificate.

Terminology may vary across devices. Contact your vendor for terminology specific to your device.

Verify the Certificate

Root CA is listed as USERTrust RSA Certification Authority or InCommonRSAServerCA.

Server SHA-256 Thumbprint/Fingerprint for the wireless.cmu.edu certificate is:
33 6E FA 24 F7 B0 CE 30 9E 21 42 27 A0 09 2D 92 0C E1 A3 6B DD 2D 72 F9 47 09 0F 0C 2B 9F 73 02

Server SHA-1 Thumbprint/Fingerprint for the wireless.cmu.edu certificate is:
56 41 9C DD A8 A7 98 9C 3E B3 22 B5 F2 D5 82 AB 78 D7 10 97