Web Content Display Web Content Display

Installing DoD Certificates


Many enterprise IT systems at NPS make use of SSL certificates issued by the DoD. If your browser doesn't trust them, you may run into issues. Reinstalling the certs is always a good step in troubleshooting as well. Get started with installing the latest certificates by reviewing the tutorials below.

 

Web Content Display Web Content Display

InstallRoot Tool

The InstallRoot application is the simplest and most straightforward way to install all DOD certificates in your windows operating system, and supports Internet Explorer, Chrome, Firefox, and Java

    • Select your corresponding computer architecture type from the links below:  (NIPR Windows Installer, for SIPR certificates access DISA's site directly from a SIPR machine) 
    • Once downloaded, install the file and run InstallRoot.
    • Install required certificates. A more detailed explanation with pictures is shown below.
    • Restart your browsers for the changes to take effect (all windows!).
      • In some cases you may have to clear the cache of the browser you are using.

 

Download the Install Root Software here:

 

Step 1:

Double-click the installer and click next.

Welcome to InstallRoot SetUp

 

Step 2:

Select the desired folder to install to or continue by clicking next.

Choose a file location

 

Step 3:

Leave the defaults checked and click next.

install root features

Step 4:

After the installation finished click run InstallRoot.

Install Root

 

Step 5*:

If Firefox, Java, or both programs are installed on your computer you will be asked if you would like to install the certificates in their respective certificate stores. Select yes if you are accessing DOD sites that use Java or if you access DOD sites with Firefox. 

Install Root - Firefox

Install Root pop up - Java

 

Step 6:

Close the Quick Start pop up.

DoD certs

 

Step 7:

Click Install Certificates in the top left corner. If you click the drop down next to the red ribbon you should see a green check mark next to the certificates.

install dod certs

 

More information on certificates and other tools can be found via DISA.

https://iase.disa.mil/pki-pke/Pages/tools.aspx

 

 

Download the latest DoD root certificates here: DoD RootCerts file.

 

  1. Open the Keychain Access application if it's not already running.
  2. Drag certificates in the folder to the login section of the Keychain Access.
    test
  3. Click 'Add' to pop-up adding all certificates to login keychain (must click add to every certificate.).
    test
  4. Once all certificates have been added double click DoD Root CA 3 and 4 certificates, select Trust and change 'When using this certificate' from 'User System Defaults' to 'Always Trust'.
    test
  5. Confirm your changes by entering an administrative password.

    test

Notes:

There should be 55 DoD certs available in the Mac Keychain Access Utility.