Connect to CMU-SECURE
WHAT CAN I CONNECT? | SETUP AND CONNECT
CMU-SECURE is the preferred wireless network for students, faculty and staff. Use CMU-SECURE to connect your laptop or desktop computer, tablet or smartphone to secure wireless at CMU.
What can I connect?
Devices you can connect to CMU-SECURE include, but are not limited to: smartphones, laptop and desktop computers, Chromebooks, iPads, and other tablets.




Setup and Connect to CMU-SECURE
To connect, follow the appropriate steps for your device/operating system.
Chromebook
- Once on campus, locate the wireless configuration settings.
- Select CMU-SECURE from your Wi-Fi network list.
- Click Connect.
- When prompted, enter the following:
- Security: EAP
- EAP method: PEAP
- EAP Phase 2 authentication: MSCHAPv2
- Security CA certificate: Do not check
- Identity: your Andrew userID
- Password: your Andrew password
Laptop or Desktop Computer
Linux
- Once on campus, locate your wireless configuration settings.
- Select CMU-SECURE from your Wi-Fi network list.
- Enter the following information (terminology may vary; your computer may not require all these settings):
- Wireless security: WPA2 Enterprise
- Authentication: Protected EAP (PEAP)
- CA certificate: USERTrust RSA Certification Authority (See step 3 for details.)
- PEAP Version: Automatic or Version 0
- Inner/Phase 2 authentication: MSCHAPv2
- Username: Andrew userID
- Password: Andrew password
- Do one of the following:
- If prompted, verify and accept the CMU wireless certificate.
- If not prompted, manually download and install the certificate from the COMODO website.
- If checking the fingerprint of the COMODO certificate, you should match this fingerprint:
SHA1: 2B:8F:1B:57:33:0D:BB:A2:D0:7A:6C:51:F7:0E:E9:0D:DA:B9:AD:8E
Mac
- Once on campus, click the Apple menu (top-left) and click one of the following:
- macOS Ventura - System Settings
- macOS Monterey - System Preferences
- Click Network, then click one of the following:
- macOS Ventura - Wi-Fi and then click to enable the Wi-Fi slider
- macOS Monterey - Turn Wi-Fi On
- Select CMU-SECURE in the Network Name list.
- If prompted, enter your Andrew userID and password, then click OK.
- Click Show Certificate, then click verify and accept and click Continue.
Note: macOS Ventura users may review the certificate, but you are not prompted to verify and accept.
Windows
- Once on campus, locate the wireless configuration settings on your computer.
- Select CMU-SECURE from your Wi-Fi network list.
- Click Connect.
- If prompted, enter your Andrew userID and password, then click OK.
- If prompted with a Security Alert, click Details.
- Verify and accept.
- Click Connect.
Still can't connect? Follow the manual connection steps.
Mobile
iOS
- Once on campus, locate your wireless configuration settings.
- Select CMU-SECURE from your Wi-Fi network list.
- When prompted, enter the following:
Username: Andrew userID
Password: Andrew password - If prompted, verify and accept the CMU wireless certificate.
Android
- Once on campus, locate your wireless configuration settings.
- Find CMU-SECURE in your Wi-Fi list.
- When prompted, enter the following:
- EAP method: PEAP
- Phase 2 authentication: MSCHAPV2
- CA certificate: Use System Certificate
- Domain: wireless.cmu.edu
- User certificate: Unspecified
- Identity: Andrew userID
- Password: Andrew password
- Note: If you see an Anonymous Identity field, you may leave it blank.
- Do one of the following:
-
If prompted, verify and accept the CMU wireless certificate.
Note: You may not be able to select a CMU wireless certificate on some Android devices, but you will be connected to CMU-SECURE after you compete Steps 1-3.
- If not prompted:
- Turn off your wireless connection and manually download and install the certificate from the COMODO website using your provider's 4G/LTE service.
- Select either CA Certificate or the certificate you downloaded and installed when prompted for the certificate.
- Turn on your wireless connection, and select CMU-SECURE in your Wi-Fi list.
- Enter the information provided in Step 3.
-
Note: Terminology may vary across devices. Contact your vendor for terminology specific to your device.
Other Devices
- Once on campus, locate your wireless configuration settings.
- Select CMU-SECURE from your Wi-Fi network list.
- When prompted, enter any of the following as required for your device:
- Wireless security: WPA2 Enterprise
- Authentication: Protected EAP (PEAP)
- CA certificate: USERTrust RSA Certification Authority or Unspecified
- Domain: wireless.cmu.edu
- User certificate: Unspecified
- Inner/Phase 2 authentication: MSCHAPv2
- Username/Identity: Andrew userID.
- Password: Andrew password.
- Note: If you see an Anonymous Identity field, you may leave it blank.
- If prompted, verify and accept the CMU wireless certificate.
Terminology may vary across devices. Contact your vendor for terminology specific to your device.
Verify the Certificate
A certificate allows you to verify that a network is safe. If you are prompted to accept a certificate as you connect to CMU-SECURE, verify it against the following information.
- Confirm that the certificate is issued by InCommon RSA Server CA
- Verify the Thumbprint/Fingerprint. Note: you may need to scroll to the bottom of the certificate details to find this information.
- Server SHA-256 Thumbprint/Fingerprint for the wireless.cmu.edu certificate:
4D:51:33:C7:08:13:30:BA:EE:70:32:05:35:C1:CD:24:13:23:3C:F9:2A:63:DF:DF:3F:B0:C8:C9:30:EE:9A:1E
Server SHA-1 Thumbprint/Fingerprint for the wireless.cmu.edu certificate:
90:70:E0:A7:B9:37:E8:B5:69:8B:7D:DD:15:CB:90:79:90:4E:A5:12
- Server SHA-256 Thumbprint/Fingerprint for the wireless.cmu.edu certificate: