Here are the steps on how to install a CAC Reader for Mac:![Download dod certificates mac Download dod certificates mac](https://my.nps.edu/documents/111151326/111164233/java.png/1792e1fd-73e2-45d5-85e4-8ad1de97e2d2?t=1514572238000)
Chose to install certificates to Firefox as indicated in step #8, a Firefox tab should also appear for each Firefox profile on your computer. Please look under each of these tabs and make sure that. Adding DoD certificates to your Mac Presented by: Timothy Solberg and Michael J. Danberry Last Review: 07 October 2015 Adding these certificates are “normally” not needed, however, if you are using CITRIX on your Mac or your new CAC has a CA of 27-32, you may need these for your computer to communicate with some websites. OPTION 1 - Automatically Trust All DOD Certificates (Recommended for Windows) The InstallRoot application is the most simple and straightforward way to install all DOD certificates in your windows operating system, and supports Internet Explorer, Chrome, and Firefox. The links below will let you download the tool from the DISA.MIL website (we.
Dod Certs
- Ensure your CAC reader works with Mac
- Check to ensure your Mac accepts the reader
- Check your Mac OS version
- Check your CAC’s version
- Update your DOD certificates
- Guidance for Firefox Users
- Look at graphs to see which CAC enabler to use
Step 1: Purchase a Mac Friendly CAC Reader
Purchase a CAC reader that works for your Mac. There are only a couple that you can choose from and I’ve listed them below.
If you already have a CAC reader and it isn’t Mac friendly, you could update the firmware, however, for the non-tech savvy people out there, it’s probably better to just purchase a new one and save the headache – they’re only ~$11-13 dollars.
Best Mac Compatible CAC USB Readers
Best Mac Compatible CAC Desk Readers
Step 2: Plug in and Ensure It’s Accepted
Once you have your CAC reader, plug it into your Mac and ensure your computer recognizes it. If you have one of the CAC readers we suggested above, then you should be good to go.
If for some reason your CAC reader isn’t working, you may need to download the appropriate drivers for your CAC reader. You can find these drivers on the Reader’s Manufacturer Website.
Step 3: Update Your DOD Certificates
Now that you have your CAC reader connected and accepted on your Mac computer, it’s time to ensure you have the right certificates in order to access DOD CAC required web pages.
Procedure for Chrome and Safari
- Type ⇧⌘U (Shift + Command + U) to access your Utilities
- Find and Double click “Keychain Access”
- Select “Login” and “All Items”
- Download the following five files and double click each once downloaded so as to install in your Keychain Access.
- When you double-click the Mac Root Cert 3 and 4, you’ll need to tell your browser to always trust them. Click the button like you see below:
Additional Steps for Firefox
If you’re using Mozilla Firefox as your primary browser, you’re going to need to perform some additional steps. First, perform the same steps that you did for Chrome and Safari. Afterwards, follow these additional steps to get started.
- Download All Certs zip and double click to unzip all 39 files
- While in Firefox, click “Firefox” on the top left, then “Preferences”
- Then Click “Advanced” > “Certificates” > “View Certificates”
- Then Click “Authorities” and then “Import”
- Import each file individually from the “AllCerts” folder. When you do this, the below box will popup. Check all three boxes and click “OK”
Download Dod Certificates Mac
Step 4: Download and install CAC Enabler
Choosing the right CAC enabler can be pretty tricky. It all depends on what OS you have installed, how you installed it, and even what kind of CAC Card you have!
In order to get the right enabler, be sure to visit our trusty guide to Mac CAC Enablers! It’ll walk you through exactly which enabler is right for you.
CAC Access at Home Success
Now that you have a CAC reader, certificates, and a CAC Enabler, you should now be able to access any CAC-enabled website and log on using your CAC password and data.
Common Reasons Why Your CAC Card Won’t Work On Your Mac
![Download dod certificates mac Download dod certificates mac](https://my.nps.edu/documents/111151326/111164233/java.png/1792e1fd-73e2-45d5-85e4-8ad1de97e2d2?t=1514572238000)
Ensure Your CAC Card Meets the Standards: In order for your CAC card to work, it must meet the minimal requirements. Currently, there are only four types of CAC cards that can be used. The ensure you have the right CAC card for online access, flip your CAC card to the back and if you have one of the below numbers written on the top left, then you are good to go:
- G&D FIPS 201 SCE 3.2
- Oberthur ID one 128 v5.5 Dual
- GEMALTO DLGX4-A 144
- GEMALTO TOP DL GX4 144
If you do not have any of the above written on the back, then proceed to your nearest PSD to get a new CAC card issued.
Safeguard Sensitive and Unclassified DoD Information using ECA certificates
Cyber theft of DoD program information from defense contractors’ unclassified computer networks puts the U.S. military’s technological advantage at risk. Theft of information pertaining to DoD capability development can allow adversaries to bypass costly and lengthy research and development cycles and/or understand enough about U.S. military technology to develop countermeasures.
Best practices to mitigate the risk of information theft are to implement commensurate information security controls such as logical access controls, audit and accountability controls, configuration management controls, physical access controls and increasingly controls to encrypt data at rest and in transit to protect sensitive information from theft. It is critical that all DoD contractors implement best practice information security to mitigate the risk of information theft.
Recognizing the need to ensure contractors implement best practice controls, the DoD developed new policy to mitigate this risk by including clauses in the Defense Federal Acquisition Regulation Supplement (DFARS). The DFARS clauses require enhanced safeguarding of unclassified DoD information mandating the use of specific NIST SP800-53 controls.
While most of the required security controls represent best practices already in place within most contractor organizations, many contractors do not today implement controls to protect transmitted information. The DFARS clauses specifically require the use of cryptographic mechanisms to prevent unauthorized disclosure of information during transmission for many types of unclassified DoD information.
DoD ECA certificates enable cryptographic protection of transmitted data
IdenTrust is an approved provider of DoD ECA (External Certificate Authority) certificates that can be used to enable cryptographic protection of transmitted data. ECA certificates are individually issued digital identity credentials intended for the DoD contractor community. DoD contractors can use these credentials to meet DFARS requirements for safeguarding sensitive and unclassified DoD information:
- Digitally sign and encrypt email and/or documents
- Ensure only intended recipient(s) can decrypt transmitted data
- Ensure integrity of encrypted information (meaning it has not changed since encryption)
- Ensure the identity of the sender of the information
DoD ECA certificates integrate seamlessly with a variety of email products including:
There are several DoD ECA certificate options that can be used for secure email. There are different types of DoD ECA certificates that can be used for secure email, as well as other capabilities such as digital signing and two-factor authentication. It is important to know how your will use your certificate in order to choose the appropriate type to best suit your personal or business needs. Learn more about the specific characteristics and current pricing for DoD ECA certificates or simply use choose BUY NOW and our Certificate Selection Wizard will help you make your selection.
When public trust is all you require, IdenTrust offers TrustID® certificates to meet your needs.
When non-DoD government trust is required, IGC certificates offer the ideal solution.
When non-DoD government trust is required, IGC certificates offer the ideal solution.