Search MilitaryCAC:

Site Map

MilitaryCAC.com logo

.com | .us | .info | .ml  | .mobi | .net | .org


The Definitive Source for Everything CAC

Common Access Card help for your
P
ersonal Computer

Also available at:

https://MilitaryCAC.com

Please ShareThis website with your friends and colleagues

Make a Donation button image

 

 

 

STEP 3:  INSTALL the Department of Defense (DoD) CERTIFICATES

Installation Steps

Step 1: Obtain a CAC Reader
Step 2: CAC Reader driver / Video
Step 3: DoD Certificates / Video
Step 4: ActivClient / Video
Step 4a: Update ActivClient
Step 5: IE adjustments | Video
Log into AKO with your CAC now
----------------
Proceed ONLY if you need to sign forms
Step 6: Lotus Forms / Video
Step 7: eSign / ApproveIt / Video

Video Instructions

 

InstallRoot installs the DoD Root certificates onto your Windows computer

 

If the website you are visiting is prompting you with the message the site is not trusted, you have received a new CAC, or your DoD website worked up until recently and doesn't now, you need to update your DoD certificates.

 

 Apple computers follow these instructions

 

Windows RT users go HERE for the file you need

 

DOD InstallRoot 3.16.1a was issued on 2 March 2014

 

updated imageDownload InstallRoot 3.16.1a from MilitaryCAC or from

official .mil download links below

Run the InstallRoot_v3.16.1A.exe file from inside the zip file. 

 

InstallRoot Installation Instructions:
Select Run when prompted to Run or Save the file, you will see a black DOS window show on your screen, and have words scrolling in it.  When it goes away, you have installed the DoD certificates on your computer.
NOTE:  Windows 7, 8, & Vista may see a message that the file might not have installed correctly.  Select "This program installed correctly."

 

You can now install both the InstallRoot 3.16a and the Cross Cert Removal tool 1.10 in one single file which was created by the Army Network Enterprise Technology COMmand (NETCOM)

This file is designed for Home Users ONLY, you can download it from:

MilitaryCAC https://militarycac.com/files/HomeUserCertTool_V03.zip  or

AKO  https://ako.us.army.mil/suite/doc/41544679

 

 

PROCEED TO STEP 4 - INSTALL ACTIVCLIENT

 

 

Alternate download links for the DoD certificates:

 

updated imagehttps://ako.us.army.mil/suite/doc/42460657

 

Your Internet Explorer may prompt you with a banner stating it blocked this site from downloading files to your computer.  Click the box for the option to Download File.  Nothing will happen, go back and click the link again above.  Now you'll see the option to Run, Save, or Cancel.

 

-or-

 

updated imageDISA's IASE PKI and PKE Tools webpage

http://iase.disa.mil/pki-pke/function_pages/tools.html

Scroll down to the Trust Store Management section and click on: InstallRoot 3.16.1 A, then click on (ZIP Download) Size: 1,908 KB.  Save it to your computer, then double click the folder titled:  unclass-installroot_v3-16-1a.zip, open: InstallRoot_v3.16.1A, Windows, then run InstallRoot_v3.16.1A.exe.  Now you have the same file as above. (only with a lot more steps)

 

-or-

 

Navy Information Assurance website

https://infosec.nmci.navy.mil/PKI/installroot_v3.16a.exe (Requires CAC)

Select Run when prompted to Run or Save the file, you will see a black DOS screen show on your screen, and have words scrolling in it.  When it goes away, you have just installed the DoD certificates on your computer.
NOTE:  Windows Vista & 7 may show a message that the file might not have installed correctly.  Select "This program installed correctly."

 

 
Information:
A certificate is a digital document providing the identity of a Web site or individuals.  DoD Web sites use a certificate to identify themselves to their users and to enable secure connections.  If you are receiving a warning that a site is untrusted / insecure, you will need to install the "DoD Certificates."  In order to access sites enabled with a DoD PKI certificate without being prompted to accept the DoD Certificate chain at each log on [like Firefox and Safari do], people using Internet Explorer and Chrome should install the certificates.  These are separate from the personal certificates that are on your CAC, but they are related.

 

 

Root Certificates

 

How can you (or your web server) trust the identity of someone over the network?  An infrastructure of trusted third parties has been put in place to distribute trust between end-users.  This infrastructure verifies that we are who we say we are.  If we trust the DoD PKI infrastructure, then the infrastructure can vouch for us to trust others that have certificates issued from the DoD PKI.

DoD Root Hierarchy image

Click to see full size image

.

The DoD PKI Infrastructure is comprised of two Root Certification Authorities and a number of Intermediate Authorities.  If all of the DoD root certificates are not installed on your computer, various applications will not be able to trust all DoD PKI certificates.

 

If you have questions or suggestions for this site, contact Michael J. Danberry

Are you interested in subscribing to the CACNews email list?

Disclaimer

 

GoDaddy Site Certified seal

 

Last Update or Review:  Thursday, 20 March 2014 18:42 hrs

 

The following domain names all resolve to the same website:  ChiefsCACSite.com, CommonAccessCard.us, CommonAccessCard.info, & ChiefGeek.us