UCB Libraries

Off Campus Access

You must be a CU-Boulder student, faculty member, or employee with an active CU IdentiKey
to access Libraries-subscribed databases and online resources from an off-campus location.


There are currently two options for accessing online resources: Proxy and VPN:


  • Proxy Server
  • Virtual Private Network (VPN)
  • Security Certificate Warning

A proxy server provides access to many library online resources without using VPN. During the Fall semester 2013 we are adding more and more resources to the proxy. Not all of our resources are currently available via proxy, so if you do not see the proxy login screen or if you have trouble accessing the resource, you will need to use the VPN method instead.


How to use it:

When you are off campus and you click on a link to a resource on the libraries website, you will see an authentication screen that looks like this:


Proxy Login Screen

CU-Boulder students, staff, and faculty: Log in with your Identikey username and password and you will be linked directly to the resource.

Temporary faculty/Continuing Education students without Identikeys: Some temporary faculty and Continuing Ed students may have temporary access to our databases and will need to log in using their library login information that has been given to them by the Circulation Desk. Public patrons are not allowed off-campus access to our databases and online resources but may use them at dedicated workstations in the libraries.


URL changes:

If you have bookmarked a library resource that has since been added to the proxy, you must update your bookmarks with the new URLs from the libraries catalog (Chinook) in order to use the proxy . If you find that a library resource denies you access, use VPN.


Proxied URL:


Proxied URL screenshot


Non-proxied URL:


Non-proxied URL


Thank you for your patience as we fine tune this proxy system to improve off campus access.



If you encounter problems with the proxy server or have any questions please contact:
the Norlin Research Desk (303-492-7521) and/or reflib@colorado.edu.

A VPN enables you to access all Libraries-subscribed online resources.

How do I use VPN to access library online resources?

  1. Download and install the VPN Cisco AnyConnect from the OIT VPN page. Instructions are available for desktop and mobile OS.

  2. After installation, log in to VPN before you access the online databases/journals. A CU IdentiKey is required for logging into the VPN.

  3. Click here to test whether you are successfully logged in to the VPN.


If you encounter problems with the VPN and/or your IdentiKey account,
please call the OIT Help Desk at 303-735-HELP (303-735-4357) or email them at help@colorado.edu.

If you see a security certificate warning when you are accessing a University Libraries page or resource, it is safe to accept the certificate. Accepting the certificate will allow you to continue to the next page or website you clicked on before seeing the message. You may encounter this security message when clicking on My Chinook, clicking on the indexes and databases on the E-Resources page or clicking on Electronic Course Reserves.


There is a way to disable the warning in Internet Explorer on an individual browser, by unchecking the "warn about certificate address mismatch" option in the Advanced Tab of the Security settings in Internet Options.


  • Firefox 2.0 and below
    Gives an explanatory certificate mismatch warning message which the user can click through.

  • Firefox 3.0
    Gives a message that has the title "Secure Connection Failed", and a link "Or you can add an exception..." at the bottom. The problem is fixed when you click on this link, and then follow the steps: Add Exception... | Get Certificate | Confirm Security Exception. Internet

  • Explorer 6.0 and below
    Gives an explanatory certificate mismatch warning message which you can click through.

  • Explorer 7.0
    Gives a message that has the title "There is a problem with this website's security certificate". You can go through by clicking on the link "Continue to this website (not recommended)".

To use many of the University Libraries licensed resources and services, you need to be "authenticated " or "recognized" by the system as an authorized CU user, especially when you are accessing from offcampus. A "proxy server" is used to allow you to log into the system and be authenticated. Our proxy server uses a "proxy rewrite" method, which changes the original page URL to a rewritten URL. Many browsers then see this as a mismatch between the security certificate of the page and the rewritten URL of the page. This mismatch is viewed as a potential risk and a security warning page is sent so that you can decide whether to proceed or not. With these CU pages, you may proceed without concern.