Get DoD Certificates Working in Chrome

in CAC 3 min read

Getting your Common Access Card (CAC) working with Chrome on Windows or Mac requires proper certificate configuration. This guide walks you through the complete setup process to access DoD websites securely.

Prerequisites

Keyboard with security padlock

Before configuring Chrome for CAC access, ensure you have:

  • A CAC reader connected to your computer (USB readers like SCR3310 or built-in keyboard readers)
  • Current DoD certificates installed (available from militarycac.com)
  • ActivClient or similar middleware installed and running
  • Your CAC card with valid certificates

Installing DoD Root Certificates

Chrome uses your operating system’s certificate store, so you’ll need to install DoD certificates at the system level:

Windows Users

  1. Download the DoD certificate bundle from militarycac.com
  2. Double-click the InstallRoot file to run the installer
  3. Allow administrator permissions when prompted
  4. Restart Chrome after installation completes

Mac Users

  1. Download the Mac-specific certificate bundle
  2. Open Keychain Access from Applications > Utilities
  3. Drag the certificate files into the System keychain
  4. Mark each certificate as “Always Trust”

Configuring Chrome Settings

After installing certificates, configure Chrome to recognize your CAC:

  1. Open Chrome and navigate to chrome://settings/certificates
  2. Click “Manage Certificates” to open your system certificate manager
  3. Verify DoD certificates appear in the Trusted Root Certification Authorities
  4. Insert your CAC and confirm Chrome can see your personal certificates

Testing Your Configuration

Visit a DoD CAC-enabled website like OWA (Outlook Web Access) or MyPay to test your setup. When prompted, select your CAC certificate and enter your PIN. If authentication succeeds, your configuration is complete.

Common Issues

Certificate not found: Ensure your CAC reader is properly connected and middleware is running. Try removing and reinserting your card.

SSL errors: You may need to clear Chrome’s SSL state. Go to chrome://net-internals/#hsts and clear site security policies, then restart the browser.

PIN prompt doesn’t appear: Check that ActivClient or your middleware software is running in the system tray. Restart the service if needed.

Mike Thompson

Mike Thompson

Author & Expert

Mike Thompson is a former DoD IT specialist with 15 years of experience supporting military networks and CAC authentication systems. He holds CompTIA Security+ and CISSP certifications and now helps service members and government employees solve their CAC reader and certificate problems.

110 Articles
View All Posts

You Might Also Like