Re: [Fed-Talk] Re: Getting DoD root certificates
Re: [Fed-Talk] Re: Getting DoD root certificates
- Subject: Re: [Fed-Talk] Re: Getting DoD root certificates
- From: Dave Schroeder <email@hidden>
- Date: Tue, 15 Apr 2008 20:00:35 -0500
It might still be handy to have the DOD root around.
To get the DOD root, NIPRNet/DNI-U users visit:
http://dodpki.c3pki.chamb.disa.mil/
Army (AKO/DKO) users can use:
https://eportal.ctnosc.army.mil/
- Dave
On Apr 15, 2008, at 7:51 PM, Jim Solderitsch wrote:
I figured out something that seems to work.
When I opened the certs in Keychain Access that had the complaint, I
found URIs in the description for the offending category: DOD CA-16
and used these URLs to download the .cer files and then imported
them into the System Cert store with Keychain Access.
After I did this, the certificates on my CAC were now pronounced
valid.
So, I guess my original concern is addressed.
Sorry if this is well-known to the members of this list.
Jim
On Apr 15, 2008, at 8:23 PM, Jim Solderitsch wrote:
Just got a CAC card for accessing some DoD sites as an Air Force
contractor.
I had to get a new Smart card reader (OmniKey) when the one I had
was having problems with Leopard. Thanks to some of the posts to
Fed-Talk for helping me.
So now I can see the certs and keys on the card with Keychain access.
But I am told for each cert that "This certificate was signed by an
unknown authority".
I suspect that I need to install some DoD root certs to allow the
trust chain to be verified.
I do not know where to go to get these. I did some searching and
did not discover a site where they might be obtained or how to
obtain them.
I did some references to a Firefox plugin but I am somewhat unclear
if that is the proper way to go or not.
I would like to read my webmail for my .mil address and use the CAC
to access web sites like I can when running on a PC. I use both
Safari and Firefox.
Any suggestions or pointers appreciated
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden