Help

SEARCH

How to install DOD Certificates

Posted in: Help on October 27, 2010

If you are attempting to access DoD SSL sites (such as ASFI (acquisition.army.mil), DIBBS (dibbs.bsm.dla.mil)), you may receive a warning message stating that you should not proceed. Some browsers (FireFox), you can add an exception to the warning and continue normally. In Chrome, you’ll be stopped dead.

To get around this, you can install the DoD Root Certificates on your machine. This will allow your Web browser (Chrome, IE, Safari) to trust the identity of Web sites whose secure communications are authenticated by DoD.

Is this required? No, however, this will help you avoid Security Alert windows when you go to secure communication Web sites for various DoD agencies, including DTIC, DIBBS, AFSI. Future access to DoD Web sites may require certificates.

To do this correctly, you should download ALL of the certificates referenced here: http://dodpki.c3pki.chamb.disa.mil/rootca.html and import them into your Trusted Certificate Store. Here’s How (Windows):

  • Browse to this site: http://dodpki.c3pki.chamb.disa.mil/rootca.html using IE 6.0 or later, or Firefox 3.0 or later. (You can’t use Chrome for this page, it isn’t supported by the DoD).
  • Right click on each of the certificates and download them onto your disk.
  • Open Certificate Manager by clicking the Start button , typing certmgr.msc into the Search box, and then pressing ENTER.‌ If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
  • Click on Trusted Root Certificate Authorities, then Right Click and choose Import.
  • Import each of the certificates that you saved to disk.
  • As an option, you can import the certificates from Chrome. To do this, click the Wrench, Options, Under the Hood, Click the Manage Certificates Button, Click the Trusted Root Certification Authorities tab, then import each of the certificates.

If you have trouble with this feel free to give us a call and we’ll step you through it online.

 

Comments

6 Comments
  1. Richard Baltierra

    I am following the instructions provided on your web site but when I get to the point where I use the certmgr.msc I’m prompted for the location of the certificates that I saved – but I have no idea where they were saved.

    Comment by Richard Baltierra on October 21, 2011 at 8:20 pm

  2. rreid

    Richard,

    If you are using Chrome or Firefox, press Ctrl+J to view downloaded files. You should be able to see the location where you’ve saved them in that list.

    Comment by rreid on October 22, 2011 at 7:11 pm

  3. Seshukumar

    I have downloaded as per the instructions above, But unable to open http://www.dla.mil site.

    How to open this site?

    Seshukumar

    Comment by Seshukumar on November 15, 2011 at 5:16 am

  4. Forrest

    In chrome browser go to google and look up the required certificate to run .dla.mil. Download the file. In chrome, go to options, then click on under the hood. Go to manage certificates. Click on Trusted Root Certificate Tab and then browse for file. You will have allow all file types to show. When the specific file is found import the certificate. A warning will appear and you will be required to trust the file. Click trust until the all certificates have been imported from file.

    Comment by Forrest on December 27, 2011 at 4:30 pm

  5. Joe

    Is the link working? No one I am working with can download. I am using Windows XP.

    Comment by Joe on May 4, 2012 at 6:27 am

  6. Karl

    I did what required but it still “You attempted to reach http://www.dibbs.bsm.dla.mil, but the server presented an invalid certificate.”

    Comment by Karl on January 11, 2013 at 7:56 am

Bookmark and Share