- Update My Dod Certificates
- How To Remove Dod Certificates
- Install Dod Certificates Windows 10
- Dod Certs
On your Mac, drag the certificate file onto the Keychain Access icon or double-click the certificate file. To view the contents of the certificate before you add it, click Show Certificates in the dialog, then click OK when you’re done. On a Mac computer, DoD root certificates go up to CA 26 only. If you have CA between 27 and 32, you have to install CAs 27-32 and CA emails 27-32. Download the file here. After extracting the zip file, go to the extracted folder, double click each certificate to install them on your system. DoD ECA certificates enable cryptographic protection of transmitted data. IdenTrust is an approved provider of DoD ECA (External Certificate Authority) certificates that can be used to enable cryptographic protection of transmitted data. ECA certificates are individually issued digital identity credentials intended for the DoD contractor community.
![Install dod certificates Install dod certificates](/uploads/1/2/6/4/126419800/159650155.jpg)
The Mac OS relies heavily on the information you put in the Keychain. When you're installing the various DOD certificates into the Keychain, you're essentially telling the Mac OS how it should handle the certificate and any certificates issued by that server. Of the various DOD certs, the most important will be the DOD Root certs. A root certificate is the top-most certificate of the tree, which means all other certificates further down the tree depend on the trustworthiness of the root. As long as you have the correct DOD Root CA certs installed, trusted, and don't have any duplicates, the rest of the various DOD certs shouldn't show any issues of validation in your Keychain. This has become even more important since macOS High Sierra was released. I have seen situations where users do not get prompted to select a certificate or enter their PIN, or only see a 'com.apple.idms....' certificate in the selection window. My best conclusion is that the Keychain is unable to determine the validity of the CAC certificates, and therefore do not allow you to select them for authentication.
Now let's get started by adding the DoD Root CA certs into your Keychain. Use the following links to download the certificates, and then drag them into your 'System' Keychain:
https://militarycac.com/maccerts/RootCert2.cer
http://militarycac.com/maccerts/RootCert3.cer
http://militarycac.com/maccerts/RootCert4.cer
Update My Dod Certificates
http://militarycac.com/maccerts/RootCert5.cerOnce they are in your Keychain, they will most likely have a red x next to them. Open each certificate individually, tap the arrow next to the Trust Settings, click the first drop down menu and select Always Trust, then close the Window and enter your Mac password when prompted. If you have any DOD Root CA certificates with blue around the border of the certificate icon, delete those as well. Once you have done this to all of your DOD Root certs, they should look like this:
- DOD Root Certs
- Screen Shot 2017-12-12 at 7.37.22 AM.png (27.06 KiB) Viewed 41092 times
- Trusted Intermediate
- Screen Shot 2017-12-12 at 8.28.57 AM.png (24.64 KiB) Viewed 41092 times
How To Remove Dod Certificates
- DOD Certs
- Screen Shot 2017-12-12 at 8.30.03 AM.png (424.3 KiB) Viewed 41092 times