How to add the DoD Root CA
2, 3, 4, & 5 certificates in your
Windows computer Certificate
Store
Sometimes running the DoD InstallRoot file does not install the
DoD Root CA 2, 3, 4, & 5 certificates into the Trusted Root
Certification Authorities tab. This causes certificate errors when
visiting DoD websites. This guide will show you how to fix the
error.
NOTE: This is the only process known for Windows RT devices
to install the certificate, but will work for all versions of
Windows
1
Last update / review: 03 January 2019
Presented by: Michael J. Danberry
Please check for the most current version of this presentation at:
http://militarycac.com/files/dodrootca2.pdf
If you are using a Windows computer and see the
below message when trying to access a DoD website
[and have already installed the DoD InstallRoot file]
Click: Continue to this website (not recommended)
2
Go to slide 5 to continue
After clicking Continue to this website (not
recommended) you’ll see the entire web
address bar is red, and a red shield with a
white x in it, stating Certificate error
3
Go to the following web page:
https://militarycac.com/certs/ and click on
DoDRoot2.cer, DoDRoot3.cer, DoDRoot4.cer, &
DodRoot5.cer
4
After you click each link,
you’ll see the message
below, select Save As. Save
all four to your desktop.
You can also Right click the
link and save target as
..
As
Right click each certificate, select Install Certificate,
then select Open
5
Select Install Certificate… then OK
6
Select Local Machine, then Next
7
Windows 7 users may not see this screen
NOTE: If you
are unable to
select Local
Machine, go to
slide 16 and
follow
instructions for
installing this
certificate.
When / If prompted for the User Account Control,
Select Yes
8
Select Place all certificates in the following store,
then Browse…
9
Select Trusted Root Certification Authorities, then
OK
10
Trusted Root Certification Authorities should now
show in the box, select Next
11
Select Finish
12
Select OK
13
Select OK
14
If you only installed one of the 4 certificates, Go
back to slide 5 and do the same for the
DoDCert3.cer, DoDCert4.cer, & DoDCert5.cer files
and follow the guide for each certificate
15
Close your Web browser, Reopen it, and try
revisiting the website you were receiving the
certificate error on previously. You should not have
the error or red background any longer
16
NOTE: If the problem still persists, try running Internet Explorer as an admin, here’s
how:
Right click Internet Explorer, select Run As Administrator, click Tools, Internet Options,
Content (tab), Certificates (button), Trusted Root Certification Authorities (tab), Import
(button) (select file), Next, OK, and windows reports Import Successful.
More Information can be found here:
http://superuser.com/questions/145394/windows-7-will-not-install-a-root-certificate
NOTE2: If you still have problems go to slide 17 and follow instructions as the file may
not have installed.
Sometimes your AntiVirus / Security program
can block the certificate from installing
Temporarily disable the Security program and attempt to install the
InstallRoot file again from https://militarycac.com/dodcerts.htm
17
If you are still receiving the certificate error, it
is possible the file did not install correctly.
This time follow slides 5-11 again. Select the box titled: Show physical
stores, then reopen Trusted Root Certification Authorities and select
Registry, then OK
18
Registry
You’ll know they are installed when you see: DoD
Root CA2, DoD Root CA 3, DoD Root CA 4, & DoD
Root CA 5 in both the Issued To and Issued By
columns under the Trusted Root Certification
Authorities tab
19
Presentation created and maintained by:
Michael J. Danberry
https://MilitaryCAC.com
If you still have questions, visit:
https://militarycac.com/questions.htm
20