If you are attempting to access DoD SSL sites (such as ASFI (acquisition.army.mil), DIBBS (dibbs.bsm.dla.mil)), you may receive a warning message stating that you should not proceed. With some browsers (FireFox), you can add an exception to the warning and continue normally. In Chrome, you’ll be stopped dead.
Install DoD root certificates with InstallRoot (32-bit, 64-bit or Non Administrator). In order for your machine to recognize your CAC certificates and DoD websites as trusted, run the InstallRoot utility (32-bit, 64-bit or Non Administrator) to install the DoD CA certificates on Microsoft operating systems. DoD Class 3 PKI Download Root CA Certificate Trusting the DOD SSL Certificates - Welcome to the NPS Wiki - NPS. OPTION 2 - Download and install the DOD Root Certificates (Windows, Mac, Linux) By importing and trusting the root DOD certificates (4 of them) you will be able to use any. Re: Fed-Talk Root Cert on MacBookPro Question - Apple. Step 3: Update Your DOD Certificates. Now that you have your CAC reader connected and accepted on your Mac computer, it’s time to ensure you have the right certificates in order to access DOD CAC required web pages. If you are using Chrome or Safari, then follow step 3a below. If you are using Firefox, you’ll need to do some extra steps.
As of February 27, 2014, the DoD site supports only IE up to version 10 but not 11. The latest FireFox & Safari browsers will also be able to access the site as before but Chrome will present a warning message.
To get around this, you can install the DoD Root Certificates on your machine. This will allow your Web browser (Chrome, IE, Safari) to trust the identity of Web sites whose secure communications are authenticated by DoD.
Is this required? No, however, this will help you avoid Security Alert windows when you go to secure communication Web sites for various DoD agencies, including DTIC, DIBBS, AFSI. Future access to DoD Web sites may require certificates.
To do this correctly, you should download ALL of the certificates referenced here: http://dodpki.c3pki.chamb.disa.mil/rootca.html and import them into your Trusted Certificate Store. Here’s How (Windows):
- Browse to this site: http://dodpki.c3pki.chamb.disa.mil/rootca.html using IE 6.0 or later, or Firefox 3.0 or later. (You can’t use Chrome for this page, it isn’t supported by the DoD).
- Right click on each of the certificates and download them onto your disk.
- Open Certificate Manager by clicking the Start button , typing certmgr.msc into the Search box, and then pressing ENTER. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
- Click on Trusted Root Certificate Authorities, then Right Click and choose Import.
- Import each of the certificates that you saved to disk.
- As an option, you can import the certificates from Chrome. To do this, click the Wrench, Options, Under the Hood, Click the Manage Certificates Button, Click the Trusted Root Certification Authorities tab, then import each of the certificates.
If you have trouble with this feel free to give us a call and we’ll step you through it online.
- Ensure your CAC reader works with Mac
- Check to ensure your Mac accepts the reader
- Check your Mac OS version
- Check your CAC’s version
- Update your DOD certificates
- Guidance for Firefox Users
- Look at graphs to see which CAC enabler to use
Step 1: Purchase a Mac Friendly CAC Reader
Purchase a CAC reader that works for your Mac. There are only a couple that you can choose from and I’ve listed them below.
If you already have a CAC reader and it isn’t Mac friendly, you could update the firmware, however, for the non-tech savvy people out there, it’s probably better to just purchase a new one and save the headache – they’re only ~$11-13 dollars.
Best Mac Compatible CAC USB Readers
Best Mac Compatible CAC Desk Readers
Step 2: Plug in and Ensure It’s Accepted
Once you have your CAC reader, plug it into your Mac and ensure your computer recognizes it. If you have one of the CAC readers we suggested above, then you should be good to go.
Intro maker app download. If you are testing a different version, then verify that your Mac accepts your CAC reader by following these steps.
If for some reason your CAC reader isn’t working, then try the following steps.
Step 3: Update Your DOD Certificates
Now that you have your CAC reader connected and accepted on your Mac computer, it’s time to ensure you have the right certificates in order to access DOD CAC required web pages.
If you are using Chrome or Safari, then follow step 3a below. If you are using Firefox, you’ll need to do some extra steps:
![Download Dod Certificates Mac Download Dod Certificates Mac](https://my.nps.edu/documents/111151326/111164233/mac-dod-cert-image3.png/f4ed6cd1-8749-43c6-95bb-b822d23015a7?t=1514402009000)
- Type ⇧⌘U (Shift + Command + U) to access your Utilities
- Find and Double click “Keychain Access”
- Select “Login” and “All Items”
- Download the following four files and double click each once downloaded so as to install in your Keychain Access.
- When you double-click the Mac Root Cert 3 and 4, you’ll need to tell your browser to always trust them. Click the button like you see below:
Additional Steps for Firefox
- Download All Certs zip and double click to unzip all 39 files
- While in Firefox, click “Firefox” on the top left, then “Preferences”
- Then Click “Advanced” > “Certificates” > “View Certificates”
- Then Click “Authorities” and then “Import”
- Import each file individually from the “AllCerts” folder. When you do this, the below box will popup. Check all three boxes and click “OK”
Step 4: Download and install CAC Enabler
- Download zip
- Double click the .zip file
- Because this is from an unidentified developer, you’ll need to hold down “Control” and click the program. Now select open and continue with install procedure.
- After installing, restart your computer
CAC Access at Home Success
Now that you have a CAC reader, certificates, and a CAC Enabler, you should now be able to access any CAC-enabled website and log on using your CAC password and data.
Common Reasons Why Your CAC Card Won’t Work On Your Mac
Ensure Your CAC Card Meets the Standards: In order for your CAC card to work, it must meet the minimal requirements. Currently, there are only four types of CAC cards that can be used. The ensure you have the right CAC card for online access, flip your CAC card to the back and if you have one of the below numbers written on the top left, then you are good to go:
![Dod Dod](https://www.digicert.com/images/support-images/mac-osx-p12-export-1.png)
- G&D FIPS 201 SCE 3.2
- Oberthur ID one 128 v5.5 Dual
- GEMALTO DLGX4-A 144
- GEMALTO TOP DL GX4 144
Download Cac Certificates
If you do not have any of the above written on the back, then proceed to your nearest PSD to get a new CAC card issued.