Firstly you'll need to obtain the SSL certificate, sending it to you via email or grabbing it from a web. Once opened (tapping on it from the email attachment, for instance) an installation process will start. On the Install Profile screen, tap on Install. A warning message saying that Installing this profile will change settings on your iPhone will appear. DOD PKI client certificates include 1 identity, 1 email signature, and 1 email encryption certificate, and may be obtained from the DoD free of charge. DoD PKI certificates are available as software certificates (private keys stored in three.p12 files) or on Common Access Cards (private keys embedded in CAC). Accessing DTS on a Mac computer has a number of notable differences from accessing DTS on a PC. The main differences are: 1. DBsign displays the DOD Email certificate as an option rather than just the required DOD ID certificate. There is no “Clear SSL State” option. OSX does not have native smartcard drivers. Dod root certificates for mac provides a comprehensive and comprehensive pathway for students to see progress after the end of each module. With a team of extremely dedicated and quality lecturers, dod root certificates for mac will not only be a place to share knowledge but also to help students get inspired to explore and discover many.
- Ensure your CAC reader works with Mac
- Check to ensure your Mac accepts the reader
- Check your Mac OS version
- Check your CAC’s version
- Update your DOD certificates
- Guidance for Firefox Users
- Look at graphs to see which CAC enabler to use
Step 1: Purchase a Mac Friendly CAC Reader
Purchase a CAC reader that works for your Mac. There are only a couple that you can choose from and I’ve listed them below.
If you already have a CAC reader and it isn’t Mac friendly, you could update the firmware, however, for the non-tech savvy people out there, it’s probably better to just purchase a new one and save the headache – they’re only ~$11-13 dollars.
Best Mac Compatible CAC USB Readers
Best Mac Compatible CAC Desk Readers
Step 2: Plug in and Ensure It’s Accepted
Once you have your CAC reader, plug it into your Mac and ensure your computer recognizes it. If you have one of the CAC readers we suggested above, then you should be good to go.
If you are testing a different version, then verify that your Mac accepts your CAC reader by following these steps.
If for some reason your CAC reader isn’t working, then try the following steps.
Step 3: Update Your DOD Certificates
Now that you have your CAC reader connected and accepted on your Mac computer, it’s time to ensure you have the right certificates in order to access DOD CAC required web pages.
If you are using Chrome or Safari, then follow step 3a below. If you are using Firefox, you’ll need to do some extra steps:
- Type ⇧⌘U (Shift + Command + U) to access your Utilities
- Find and Double click “Keychain Access”
- Select “Login” and “All Items”
- Download the following four files and double click each once downloaded so as to install in your Keychain Access.
- When you double-click the Mac Root Cert 3 and 4, you’ll need to tell your browser to always trust them. Click the button like you see below:
Additional Steps for Firefox
- Download All Certs zip and double click to unzip all 39 files
- While in Firefox, click “Firefox” on the top left, then “Preferences”
- Then Click “Advanced” > “Certificates” > “View Certificates”
- Then Click “Authorities” and then “Import”
- Import each file individually from the “AllCerts” folder. When you do this, the below box will popup. Check all three boxes and click “OK”
Step 4: Download and install CAC Enabler
- Download zip
- Double click the .zip file
- Because this is from an unidentified developer, you’ll need to hold down “Control” and click the program. Now select open and continue with install procedure.
- After installing, restart your computer
CAC Access at Home Success
Now that you have a CAC reader, certificates, and a CAC Enabler, you should now be able to access any CAC-enabled website and log on using your CAC password and data.
Common Reasons Why Your CAC Card Won’t Work On Your Mac
Ensure Your CAC Card Meets the Standards: In order for your CAC card to work, it must meet the minimal requirements. Currently, there are only four types of CAC cards that can be used. The ensure you have the right CAC card for online access, flip your CAC card to the back and if you have one of the below numbers written on the top left, then you are good to go:
- G&D FIPS 201 SCE 3.2
- Oberthur ID one 128 v5.5 Dual
- GEMALTO DLGX4-A 144
- GEMALTO TOP DL GX4 144
If you do not have any of the above written on the back, then proceed to your nearest PSD to get a new CAC card issued.
Many enterprise IT systems at NPS make use of SSL certificates issued by the DoD. If your browser doesn't trust them, you may run into issues. Reinstalling the certs is always a good step in troubleshooting as well. Get started with installing the latest certificates by reviewing the tutorials below.
InstallRoot Tool
The InstallRoot application is the simplest and most straightforward way to install all DOD certificates in your windows operating system, and supports Internet Explorer, Chrome, Firefox, and Java.
- Select your corresponding computer architecture type from the links below: (NIPR Windows Installer, for SIPR certificates access DISA's site directly from a SIPR machine)
- Once downloaded, install the file and run InstallRoot.
- Install required certificates. A more detailed explanation with pictures is shown below.
- Restart your browsers for the changes to take effect (all windows!).
- In some cases you may have to clear the cache of the browser you are using.
Download the Install Root Software here:
Step 1:
Double-click the installer and click next.
Step 2:
Select the desired folder to install to or continue by clicking next.
Step 3:
Leave the defaults checked and click next.
Download Dod Certificates For Mac
Step 4:
After the installation finished click run InstallRoot.
Cac Certificates For Mac
Step 5*:
If Firefox, Java, or both programs are installed on your computer you will be asked if you would like to install the certificates in their respective certificate stores. Select yes if you are accessing DOD sites that use Java or if you access DOD sites with Firefox.
Step 6:
Close the Quick Start pop up.
Step 7:
Click Install Certificates in the top left corner. If you click the drop down next to the red ribbon you should see a green check mark next to the certificates.
More information on certificates and other tools can be found via DISA.
Download the latest DoD root certificates here:DoD RootCerts file (CAC required).
- Open the Keychain Access application if it's not already running.
- Drag certificates in the folder to the login section of the Keychain Access.
- Click 'Add' to pop-up adding all certificates to login keychain (must click add to every certificate.).
- Once all certificates have been added double click DoD Root CA 3 and 4 certificates, select Trust and change 'When using this certificate' from 'User System Defaults' to 'Always Trust'.
- Confirm your changes by entering an administrative password.
Notes:
There should be 55 DoD certs available in the Mac Keychain Access Utility.