InstallRoot installs the DoD Root certificates onto your Windows computer

If the website you are visiting is prompting you with the message the site is not trusted, you have received a new CAC, or your DoD website worked up until recently and doesn't now, you need to update your DoD certificates.

 Apple computers follow these instructions

DOD InstallRoot 3.16a was issued on 22 February 2013

Download InstallRoot 3.16a from MilitaryCAC or from

official .mil download links below

Run the InstallRoot_v3.16A.exe file from inside the zip file. 

InstallRoot Installation Instructions:

Select Run when prompted to Run or Save the file, you will see a black DOS window show on your screen, and have words scrolling in it.  When it goes away, you have installed the DoD certificates on your computer.

NOTE:  Windows 7, 8, & Vista may see a message that the file might not have installed correctly.  Select "This program installed correctly."

Please NOTE, It seems like the 3.16a version is adding in the "bad" certificates, so, go to slide 15 of this guide to see how to remove them.

PROCEED TO STEP 4 - INSTALL ACTIVCLIENT

Alternate download links for the DoD certificates:

https://ako.us.army.mil/suite/doc/39479923

Your Internet Explorer may prompt you with a banner stating it blocked this site from downloading files to your computer.  Click the box for the option to Download File.  Nothing will happen, go back and click the link again above.  Now you'll see the option to Run, Save, or Cancel.

-or-

DISA's IASE PKI and PKE Tools webpage

http://iase.disa.mil/pki-pke/function_pages/tools.html

Scroll down to the Trust Store Management section and click on: InstallRoot 3.16 A, then click on (ZIP Download) Size: 1,803 KB.  Save it to your computer, then double click the folder titled:  unclass_installroot_v3.16a.zip, open: InstallRoot_v3.16A, Windows, then run InstallRoot_v3.16A.exe.  Now you have the same file as above. (only with a lot more steps)

-or-

Navy Information Assurance website

https://infosec.nmci.navy.mil/PKI/installroot_v3.16a.exe (Requires CAC)

Select Run when prompted to Run or Save the file, you will see a black DOS screen show on your screen, and have words scrolling in it.  When it goes away, you have just installed the DoD certificates on your computer.

NOTE:  Windows Vista & 7 may show a message that the file might not have installed correctly.  Select "This program installed correctly."

Information:

A certificate is a digital document providing the identity of a Web site or individuals.  DoD Web sites use a certificate to identify themselves to their users and to enable secure connections.  If you are receiving a warning that a site is untrusted / insecure, you will need to install the "DoD Certificates."  In order to access sites enabled with a DoD PKI certificate without being prompted to accept the DoD Certificate chain at each log on [like Firefox and Safari do], people using Internet Explorer and Chrome should install the certificates.  These are separate from the personal certificates that are on your CAC, but they are related.

Root Certificates

How can you (or your web server) trust the identity of someone over the network?  An infrastructure of trusted third parties has been put in place to distribute trust between end-users.  This infrastructure verifies that we are who we say we are.  If we trust the DoD PKI infrastructure, then the infrastructure can vouch for us to trust others that have certificates issued from the DoD PKI.

Click to see full size image

.

The DoD PKI Infrastructure is comprised of two Root Certification Authorities and a number of Intermediate Authorities.  If all of the DoD root certificates are not installed on your computer, various applications will not be able to trust all DoD PKI certificates.

If you have questions or suggestions for this site, contact Michael J. Danberry

Last Update or Review:  Saturday, 08 June 2013 20:02 hrs

The following domain names all resolve to the same website:  ChiefsCACSite.com, CommonAccessCard.us, CommonAccessCard.info, & ChiefGeek.us