Many Mac users have had problems accessing Mason’s wireless network after they have upgraded to Lion. The problem has to do with a change that Apple introduced with the Lion OS and the accompanying version of the Safari browser. This problem has affected network access for many service providers and is not isolated to Mason.
Since the problem was caused by a change in Safari, the recommendation has been to use another browser, namely Firefox or Chrome, which does not try to check the certificate provided by the secure captive portal. This has been proven to work.
Export the captive portal's SSL certificate with the following steps:
Activate your wireless connection to the Mason network. Then, using either Firefox, Chrome, or a terminal window, download the certificate. The steps for each are listed below.
When you run Safari*, it will now be able to connect to the secure captive portal page.
How this modification works
This modification makes the user's computer ‘trust’ the certificate from the secure captive portal (uacwireless.gmu.edu for wireless at Mason). A procedure for doing this was found on the Stack Exchange web site and forwarded to NET by Don Whiteside from the Provost’s Office. The workaround involves using Firefox to export the certificate from uacwireless.gmu.edu and then importing the certificate into a keychain on the Mac system. We have also found a method to export the certificate using Chrome and from the command line.
Administrators of many other sites are experiencing the same problem with their secure captive portals. This problem is not isolated just to Mason's networks. This procedure will not only work for access to the SNAP network, it will also work with the certificate for non-Residence Hall users (replace uac.gmu.edu with uacwireless.gmu.edu). Additionally, it can also be used by Lion users to provide access through any secure captive portal – until Apple provides a solution to the problem they created.
Limitations of the Fix
The downside to this procedure is that if the secure captive portal certificate is compromised, the user's system will not check and will continue to trust the certificate. If this does happen, then it is likely that Mason (or the other secure captive portal site) will replace the certificate before Apple is aware of the problem. The user will again not be able to access the site via the secure captive portal and will be made aware that they will need to remove the old certificate and add the new certificate.
How to check to see if Java is installed and enabled: