All the options are set under the "Tools->Options" menu item.
First, select "Getting Started" and make sure you have r2d2 set as your incoming mail server. Note that you need to specify the name as "r2d2.cwru.edu" or else the secure negotiation will fail with a "Destination host name does not match host name in certificate" error.
Next, select "Checking Mail" and under "Secure Sockets when Receiving" select "Required, Alternate Port"
Next, check your mail. This operation should fail with an "SSL Negotiation Failed: Certificate Error"
You can now add the certificate to your trusted list. Do this by selecting Tools->Options and then "Checking Mail". Next, select the "Last SSL Info" button. This should bring up the SSL Connection Information window. Now press the "Certificate Information Manager" button. A certificate from r2d2 should be listed with a skull and cross-bones next to it. Select that certificate and then click "Add To Trusted". A user face should appear in the "User Trusted Certificates" area with the certificate from r2d2 listed. You may cross-check the Thumbprint from the following images if you suspect your not really talking to r2d2.
This completes the procedure. You should now be able to securely download your email from r2d2.