Performing these fixes “should” fix most access problems.

Slides:



Advertisements
Similar presentations
How to Install a CAC Reader and software on your Personal Computer
Advertisements

University of Alaska Anchorage, Project Management Department
SM Online Group Administration Technical Configuration & Testing O L G A.
Web Shift Booking System
Facebook Login Helper By loginhelper.com. Facebook Login Is the Facebook Homepage, located at Loading Properly?
1 Unit & District Tools Phase 1. 2 To access the new Unit and District Tools, you will need to click on the link embedded in the MyScouting Flash page.
Steps to Recover Private Encryption Keys
For Removal Info: visit
NetAcumen ActiveX Download Instructions
Creating a UAA VPN Connection For Your Computer To Facilitate Polycom PVX – For Windows XP Last Modified On 10/25/2010 University of Alaska Anchorage,
Making DoD Enterprise , AKO, and other DoD websites work with Internet Explorer on your Windows computer. Presented by: Michael J. Danberry Last.
Installing SAS 9.3 Raymond R. Balise Health Research and Policy.
Downloading and Installing AutoCAD Architecture 2015 This is a 4 step process 1.Register with the Autodesk Student Community 2.Downloading the software.
11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.
How to Install a CAC Reader on your Personal Computer
How to Digitally Sign a form using IBM Forms viewer (formerly Lotus Forms) and eSign (formerly ApproveIt) Presented by: Michael J. Danberry Last Update.
Panorama High School E.G.P./ Training to Put Students’ Grades on the Website Wednesday, September 29,
Configuring the MagicInfo Pro Display
How to Download and Install a Sharp Print Driver on a Mac.
TUTORIAL # 2 INFORMATION SECURITY 493. LAB # 4 (ROUTING TABLE & FIREWALLS) Routing tables is an electronic table (file) or database type object It is.
So – You want to learn how to put an article onto the state website. (Note: If you have not done so, you will need to review the web training provided.
Lexmark Wireless Printer Adaptor Instructions Step 1. For a Mac, go to network preferences/ select built-in-ethernet and click on TCP/IP tab and annotate.
1 Enterprise How to access your from the web.
Parent Guide for staying connected. To Begin using Skyward Family Access you will need:  A computer connected to the internet  A web browser (Windows.
#5 Useful Reports Training Record Report February
Downloading defined: Downloading is the process of copying a file (such as a game or utility) from one computer to another across the internet. When you.
Downloading and Installing Autodesk Revit 2016
Downloading and Installing Autodesk Inventor Professional 2015 This is a 4 step process 1.Register with the Autodesk Student Community 2.Downloading the.
If browser is blocking some government web sites, this job aid may help you fix the problem. Please note that in addition to the certificates issues, IE.
Accessing DoD Enterprise , AKO, and other DoD websites with Internet Explorer & Edge (Windows 10) on your Windows computer Performing these fixes.
Information Security 493. Lab # 4 (Routing table & firewalls) Routing tables is an electronic table (file) or database type object that is stored in a.
Testing External Survey Automatic Credit Granting Shepherd University Department of Psychology.
Adding DoD certificates to your Mac Presented by: Timothy Solberg and Michael J. Danberry Last Review: 07 October 2015 Adding these certificates are “normally”
Maryknoll Wireless Network Access Steps for Windows 7 As of Aug 20, 2012.
How to fix Error code 0x80072ee2 in Windows 8.1? Fix%20%20Update%20Error%200x80072EE2%20in%20Windows%20 8.1,%20Windows%2010!%20-%20Fix%20PC%20Errors.htm.
Fixing Windows 10 Automatic Updates Install Problem
11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.
Windows Vista Configuration MCTS : Internet Explorer 7.0.
Emdeon Office Batch Management Services This document provides detailed information on Batch Import Services and other Batch features.
How to fix Netflix Signing In Issues? For More Details Visit Our Website
HOW TO FIX NETFLIX ERROR CODE: N ? For more details visit our website
Installing RMS 3.0 Contractor Mode
NYS Payroll Online Self Service
NYS Payroll Online Self-Service
Tips for using Java with Internet Explorer
QOF Assessor Validation Report Generator
FINESSE AGENT DESKTOP TRAINING.
Unit & District Tools Phase 1
Configuring ALSMS Remote Navigation
– Officiating Management Software
Performing these fixes “should” fix most access problems.
Facing Problem with Hulu on Android and iPhone Device? (Check Here)
OneDrive for Business User Guide
Lesson #8 MCTS Cert Guide Microsoft Windows 7, Configuring Chapter 8 Configuring Applications and Internet Explorer.
NetAcumen ActiveX Download Instructions
RR RR Problems Along With Solutions For iPhone And iPad Toll Free ( )
QuickBooks is a high-tech accounting software that is trusted by millions of small and mid-sized business owners across the world. However, despite being.
A Quick Guide To Fix QuickBooks Error QuickBooks is a leading accounting software that has assisted millions of small and mid-sized business in.
GTS WebSocket General Guide
Install DoD CA Certificate Instructions for IE
End User Guide.
Performing these fixes “should” fix most access problems.
User Guide Subversion client TortoiseSVN
DoD PKI Automatic Key Recovery
How to Fix Brother Printer Offline Status with Free Brother Printer Support? VISIT WEBSITE.
Performing these fixes “should” fix most access problems.
Dell Latitude Laptop Student setup.
Business Zone - Clearing your Cache
How to install and manage exchange server 2010 OP Saklani.
Presentation transcript:

Performing these fixes “should” fix most access problems. Accessing DoD Enterprise Email, AKO, and other DoD websites with Internet Explorer & Edge on your Windows computer Presented by: Michael J. Danberry Last Revision / review: 05 February 2018 Performing these fixes “should” fix most access problems. Personnel utilizing this guide without a CAC should only skip the pages marked: “This page is CAC Specific.” CAC holders need to follow ALL slides. The most up to date version of this presentation can be found at: http://milcac.us/tweaks

To successfully access Department of Defense (DoD) websites, you MUST install the DoD certificates Download links and installation instructions for the InstallRoot file can be found on: https://militarycac.com/dodcerts.htm If after installation of DoD certs you see “There is a problem with this website’s security certificate” or see red certificate errors, follow this guide: https://militarycac.com/files/dodrootca2.pdf http://militarycac.org/files/dodrootca2.pdf (DoD computers)

Open Internet Explorer (IE) [Make sure the page you are having problems accessing is NOT open in any tabs or another IE browser], Select the gear You may also click the “Alt & T” keys on your computer keyboard

NOT the one from the Start tiles Windows 8 / 8.1 users need to use the Internet Explorer on the Desktop taskbar (bottom of screen) NOT the one from the Start tiles Windows 10 users go to slide 5

Select Internet Options after clicking the ‘gear’ Windows 10 users [using Edge instead of IE] need to “Right click” the Windows logo in the lower left corner of screen, click Control Panel and select Internet Options (or Network and Internet, Internet Options). You may now skip to slide 7 to continue

You can also select Tools, Internet Options

When using Edge in Windows 10, select … (More), then Open with Internet Explorer

Check the Delete browsing history on exit (box), click Delete… NOTE: “A few” IE 11 users have experienced problems when checking this box.

Check the top 4 boxes, leave the rest unchecked, click Delete

Click Settings

Change this number to 50, click OK NOTE: This is my personal recommended size. Making it smaller will make your browser look for an updated page more often. The larger it is, the more web sites are being stored on your computer.

Click the Security (tab)(1), Trusted sites (green checkmark)(2), then Sites (button)(3)

Remove all websites that end in Remove all websites that end in .mil from the Websites: (box) by clicking the listed website, selecting Remove, then clicking Close NOTE: Most Government owned computers will not let you make changes to this area. Your only option is to skip this step. NOTE2: Some people will argue that AKO “should be” in the trusted sites. Here’s what I’ve been able to deduce: it WAS needed with IE 6 & 7, however, if using: IE 8, 9, 10, or 11 AKO users will be “recycled” to the AKO home page. So, IE 8, 9, 10, and 11 users REMOVE it. This is the Websites: box *-NOTE3: As of 13 APR 17, if you need the ability to send and receive encrypted email in OWA, you’ll need to add a version of your webmail URL to the websites box, look at the URL here -> http://milcac.us/files/win10smime.pdf then come back to this guide

Click the Content (tab), Certificates (button) Click: Clear SSL state

Most people will see 3 DOD certificates (2 with EMAIL and 1 without) under the Personal (tab) Issued By (column). If you see more than 3, go to slide 24 for further instructions. Personnel with 2 CACs will see a 4th certificate once their PIV is activated on their card. This page is CAC Specific

Click the Intermediate Certification Authorities (tab) Click the Intermediate Certification Authorities (tab). First, verify you have DOD CA-31 through DOD SW CA-58 under the Issued To (column) (if you don’t, go back to slide #2 and install the DoD Root Certificates again). Second, scroll down to below the DOD ID SW CA-48 and look for all of the listed certificates on the next page. IF you see any of the certificates shown on the next slide, select it, and click Remove. - Cross Cert remover Automated file (you may need to run as administrator) to remove certificates Listed above (Does not always work) Download from MilitaryCAC (3 MAR 16 version) Download from DISA (3 MAR 16 version) Another way to remove the certificates utilizing certmgr.msc This guide can be used if the method above doesn’t work for you. Information about the Cross Cert Remover

These are the known “bad certs” that need to be removed from Intermediate Certification Authorities (tab) [if found]: Issued To Issued By DoD Interoperability Root CA1 SHA-1 Federal Root CA G2 DoD Interoperability Root CA2 Federal Bridge CA 2013 DoD Interoperability Root CA2 Federal Bridge CA 2016 DoD Root CA 2 DoD Interoperability Root CA 1 DoD Root CA 3 DoD Interoperability Federal Bridge CA 2016 or 2013 Federal Common Policy CA SHA-1 Federal Root CA G2 Federal Common Policy US DoD CCEB Interoperability Root CA 1 NOTE: If you don’t see any of these, select Close on this window and continue with this guide

Click the Connections (tab)(1), LAN settings (button)(2), make sure none of the boxes are checked(3) (Personal Computers only), click OK 1 3 2

Click the Advanced (tab), scroll to the bottom of the list, make sure that only TLS 1.0, 1.1, & 1.2 are checked. The SSL(s) should NOT be checked NOTE: Latest update to Windows 10 removed Use SSL 2.0, so you won’t see it. NOTE: “Some” computers refuse to leave TLS 1.0 checked and SSL 2.0 unchecked. If this happens, click the Reset… (button).

More information available at https://MilitaryCAC.com/ees.htm If you are still having issues, uncheck "Enable Enhanced Protected Mode*“ This is sometimes needed to sign evaluations on EES (Army’s OER / NCOER system). https://evaluations.hrc.army.mil More information available at https://MilitaryCAC.com/ees.htm To try this option, Click Tools, Internet Options, Advanced (tab) INFORMATION: Running Enhanced Protected Mode* helps prevent attackers from installing software or modifying system settings if they manage to run exploit code. It is an extra layer of protection that locks down parts of your system that your browser ordinarily doesn’t need to use. - Unfortunately it blocks access and functionality to / on some DoD websites like HRC’s EES.

If the previous adjustments did not work, select Reset… at the bottom of the Advanced (tab), AND what you see on the next page

You may need to Remove certificates (see slides 5 & 13 for instructions on how to get to this location). People with 2 CACs may see up to 8 certs after they have activated their PIV certificates (4 certs per card). NOTE: Removing certs and your CAC, then reinsert your CAC is a way to test if your reader and middleware are working properly. NOTE2: You will receive a message stating: You cannot decrypt data encrypted using the certificates. Select: Yes This page is CAC Specific

Your certificates “should” automatically be available to Windows when you remove and reinsert your CAC into the reader, however… If you have ActivClient 6.2.0.x (Windows 7) installed.. You can double click the ActivClient icon (by your clock in the lower right corner of your screen) now go to slide 26 If you don’t see it there: Windows 7 users can Click Start / Windows logo, All Programs, ActivIdentity, ActivClient, User Console. Now go to next slide Windows 7, 8 / 8.1, & 10 native users will not see an ActivClient icon, since you are not using it. ActivClient 7.0.x.x. & 7.1.x.x do not have the function of making available to windows, your only option is to remove the card and reinsert it. This page is CAC Specific

Resetting optimization cache in ActivClient 7.1.0.x Click Tools, Advanced, Reset optimization cache This page is CAC Specific

Go to next page to Make Certificates available to Windows Forget state for all cards in ActivClient 6.2.0.x, this helps Dual CAC holders immediately after a PIV activation Click Tools, Advanced, Forget state for all cards (twice) DOE.JOHN.ANDREW.1111111111’s Make Certificates available to Windows... Forget state for all cards Go to next page to Make Certificates available to Windows This page is CAC Specific

How to make your certificates available to Windows when using ActivClient 6.2.0.x Click Tools, Advanced, Make Certificates available to Windows DOE.JOHN.ANDREW.1111111111’s You should see this message This page is CAC Specific

Try these additional items if you are still having issues: Your time on your computer may be off by more than the server’s 5 minute allowed limit. Check your clock and time zone. If all of the previous ideas did not work, please visit: https://militarycac.com/cacdrivers.htm to start troubleshooting your CAC reader

When checking your email on Windows 10, make sure you are selecting the correct certificate. Select More choices to see additional certificate(s) This page is CAC Specific

There has been an DNS issue for some people for the fast few months, give the ideas below a try if still having problems Here’s how in Windows to manually configure the DNS settings. 1.  Right click on your Wireless / Ethernet connection (down by your clock) 2.  Select Open Network and Sharing Center 3.  Click Change Adapter Settings 4.  Right Click on your active internet connection, select Properties 5.  Under This connection uses the following items: scroll down and click on Internet Protocol Version 4 (TCP/IPv4), then click Properties 6.  Select the option Use the following DNS server addresses:.  This is where you manually configure your DNS servers: NOTE: It is up to you if you want to use Open DNS or Quad 9.  You might try each of them separately. Open DNS - enter 208.67.222.222 for Preferred DNS server, and 208.67.220.220 for Alternate DNS server.  Click OK, then click Close.   or Quad 9 - enter 9.9.9.9 for Preferred DNS server, and leave alternate DNS server blank.  Click OK, then click Close

There has been an DNS issue for some people for the fast few months, give the ideas below a try if still having problems Here's How on a Mac to manually configure the DNS settings.  1.  Click Apple icon -> System Preferences, Network.   2.  Select the network connection service you want to use (usually Wi-Fi or Ethernet, unless you named it something else) in the list, then click the Advanced (button).  3. Click the DNS (tab), click the (+) at the bottom of the DNS Servers list.  This is where you will add DNS server IP addresses.  NOTE: It is up to you if you want to use Open DNS or Quad 9.  You might try each of them separately. Open DNS - enter 208.67.222.222 and 208.67.220.220.    or Quad 9 - enter 9.9.9.9 and leave alternate DNS blank 4. When you're finished, click OK, then close the open window

Presentation created and maintained by: Michael J Presentation created and maintained by: Michael J. Danberry https://MilitaryCAC.com http://MilitaryCAC.org (DoD Computers) If you still have questions, visit: https://militarycac.com/questions.htm http://militarycac.org (DoD Computers)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.