Connect BYOD Devices - ChromeBook Certificate Install

Chrome Logo These instructions are for Chromebooks. There are separate instructions for Apple iPhones & Ipads, Apple Macs, Android and Windows devices.

On your Chromebook, you may be able to connect to KKHS_BYOD but find you are unable to browse to secure websites. You get "Your connection is not private" messages. Secure websites have addresses that begin with "https" and they show a padlock icon in your web browser's address bar once they've loaded. To resolve these problems you need to install the Kerikeri High School certificate onto your Chromebook.

*** If you have been using your Chromebook at another school, often a Primary school, it may have been enrolled in that school's setup. If it still is, then you will still be getting that school's settings and lockdown. There is no way we can remove that configuration, even with a factory reset. You will have to contact your previous school and ask them to remove your Chromebook from their setup. You will then require help from the ICT staff set it up to work at Kerikeri High School. ***

1. Before you bring your Chromebook to school, ensure you have connected it to your home internet, set up a Google account and logged on to it. This will ensure that the Chromebook has been initialized with Google and updated to the latest version.

2. Start the Chromebook, click the wifi icon in the bottom-right by the clock and connect to KKHS_BYOD using "KeriHigh" as the password.

3. Log in using your Google account, and log in through the Fortinet.

4. Go to by typing it in to the address bar. This will download the Kerikeri High School certificate to the Chromebook's local storage.

5. Go into Chrome's settings by clicking the 3-dot Menu icon in the top-right, then selecting 'Settings' from the menu.
Expand the 'Advanced' section in the left-hand pane and select 'Privacy and Security'.

6. In the right-hand pane select 'Manage Certificates', the 'Authorities' tab, then the 'Import' button.
The 'Downloads' window will appear.

8. In the left-hand pane ensure 'Downloads' is selected.
At the bottom change the setting from from 'Base64-encoded ASCII single certificate' to 'All files'.

9. You should see kkhscert.cer in the right-hand pane. Select it and click 'Open'.

10. In the 'Certificate Authority' popup box, tick all 3 boxes then click 'OK'.
In the certificate list you should now be able to scroll down the list and find 'Fortinet, Fortigate CA'.

11. Click 'Finished' then close the Settings window.

12. Try going to a secure website, e.g.
You should see the usual page instead of a 'Your connection is not private' message.

These instructions were written using ChromeOS v79. The installation details may differ on other versions but the concepts are the same.