Joint Knowledge Online. CAC Login Troubleshooting Guide



Similar documents
DoD Root Certificate Chaining Problem

FBCA Cross-Certificate Remover 1.12 User Guide

Use of Common Access Cards (CACs) from Home on Windows 7 without Middleware

How to Publish Your Smart Card Certificates Using Outlook 2010

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

Citrix Web Client Installation and CAC Registration Guide


Frequently Asked Questions

SENDING AND RECEIVING PROTECTED INFORMATION VIA ELECTRONIC MAIL. Naval Medical Center Portsmouth IMD Training Division

Industrial Security Facilities Database (ISFD) Troubleshooting Tips

HRC Advanced Citrix Troubleshooting Guide. Remove all Citrix Instances from the Registry

How to submit a System Access Request (SAR) For Enterprise Data Management Office (EDMO) Portal Access

DMDC Learning Site. DMDC LMS User Guide. November 2012

Remote Access VPN SSL VPN Access via Internet Explorer

Using TLS Encryption with Microsoft Outlook 2007

External Partner and Customer Login Instructions via myngc Portal

How to use SURA in three simple steps:

The DoD Public Key Infrastructure And Public Key-Enabling Frequently Asked Questions

Public Key Infrastructure (PKI) Technical Troubleshooting Guide

PDF Bookmarks Help Page: When clicking on a Bookmark and Nothing Happens (or sometimes 'File Not Found' Error)

Entrust Managed Services PKI

Accessing TP SSL VPN

RAPIDS Self Service User Guide

How To Log In To Northrop Grumman.Com With A Password Code And Password Code (For A Password)

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

1. Open the Account Settings window by clicking on Account Settings from the Entourage menu.

A. I do not have my own personal certificate I am a new client or want to download a new certificate

Get Smart Card Ready. How to Recover Your Old (Expired) Certificates

Open Thunderbird. To set up an account in Thunderbird, from the Tools menu select Account Settings; choose account; then click Next.

Test Plan for Department of Defense (DoD) Public Key Infrastructure (PKI) Interagency/Partner Interoperability. Version 1.0.3

EMMA Application v. 4.9 User Manual

Massey University Wireless Network Client Configuration Mac OS X

Security Cooperation Information Portal

Defense Logistics Agency. Virtual Desktop: User Guide

Updated: 7/10/2013 Author: Tim Unten

VeriSign PKI Client Government Edition v 1.5. VeriSign PKI Client Government. VeriSign PKI Client VeriSign, Inc. Government.

Online Statements. About this guide. Important information

Yale Software Library

isupplier PORTAL ACCESS SYSTEM REQUIREMENTS

Access your Insurance Agent s web site using the URL the agency has provided you. Click on the Service 24/7 Link.

Requesting a JIAT Account. Joint Integrated Analysis Tool (JIAT)

Using Two-Factor Authentication Configuration to Combat Cybersecurity Threats

USING SSL/TLS WITH TERMINAL EMULATION

SPOT FAQ S Frequently Asked Questions

User Support Resource

Verify LDAP over SSL/TLS (LDAPS) and CA Certificate Using Ldp.exe

VPN User Guide. For PC

Getting Started Guide: Transaction Download for QuickBooks Windows. Information You ll Need to Get Started

Guidelines for Using the Web Help Desk

CITRIX TROUBLESHOOTING TIPS

Update Instructions

Installing Logos SSL Certificates on Mobile Devices

USER GUIDE FOR DIGITAL CERTIFICATE

InstallRoot 4.1 User Guide. for Unclassified Systems

FILING REPRESENTATIVES TRAINING ONLINE COURSE SCHEDULING USER GUIDE

Employee Express - PIV Card Registration Instructions

Smart Policy - Web Collector. Version 1.1

Guide Configuration of Adobe Reader for document Signature Validation

Using the BWSD Help Desk Website

Client Administrator Quick Reference Guide

GlassFish OpenSSO CAC Authentication Deployment Configuration Guide

HMRC Secure Electronic Transfer (SET)

Database Program Instructions

PaperClip. em4 Cloud Client. Manual Setup Guide

Guidelines for Using the Web Help Desk

Presented by: Michael J. Danberry. Last Revision / review: 07 October ActivClient download locations:

Certificate Request Generation and Certificate Installation Instructions for IIS 5 April 14, 2006

Entrust Certificates Update For FedLine Access Solutions

Utilizing the DoD PKI to Provide Certificates for Unified Capabilities (UC) Components. DISA NS2 Capabilities Center November 3, 2011 Revision 1.

Using Internet or Windows Explorer to Upload Your Site


Hosted Microsoft Exchange Client Setup & Guide Book

Massey University Wireless Network Client Configuration Windows 7

Two Factor Authentication in SonicOS

Configuring DoD PKI. High-level for installing DoD PKI trust points. Details for installing DoD PKI trust points

Scan to Quick Setup Guide

This document shows new Citrix users how to set up and log in to their Citrix account.

TechNote. Contents. Overview. Using a Windows Enterprise Root CA with DPI-SSL. Network Security

Setting Up Distributed Tactical Communications System (DTCS) Service

eadvantage Certificate Enrollment Procedures

Hosted Service Tips and Troubleshooting

Using Remote Web Workplace Version 1.01

Remote Online Support

Outlook Web Access 2003 Remote User Guide

Set Up Setup with Microsoft Outlook 2007 using POP3

How To Configure CU*BASE Encryption

Sun Access Manager CAC Authentication Deployment Configuration Guide

Remote Desktop Services User's Guide

Getting Started Guide: Transaction Download for QuickBooks for Windows

ReviewSnap Quick Training Reference Creating a Self-Review

Accessing CAC-Restricted Sites From Home

Digital Signatures with AutoCAD and CoSign

Web Time Entry. Instructions for Employees

PriveonLabs Research. Cisco Security Agent Protection Series:

Zscaler. How to enable SSL scanning. on your school s. Zscaler web filter

atbusiness Deposit Installation Guide Table of Contents

Aventail Connect Client with Smart Tunneling

Portal Instructions for Mac

IT Quick Reference Guides Connecting to SU-Secure using Windows 8

Transcription:

Joint Knowledge Online CAC Login Troubleshooting Guide Updated Thursday, September 13, 2012

Overview Some users experience problems accessing JKO using CAC. This problem is often the result of a well known and documented problem with incorrectly configured Internet Explorer settings. This problem is known as the DoD Root Certificate Chaining Problem per Defense Information Systems Agency (DISA). DISA has documented the problem and the recommended solution in detail. Please note DISA s recommended solution requires elevated privileges. From DISA guidance on the DoD Root Certificate Chaining Problem: Department of Defense (DoD) Public Key Enabling (PKE) and the DoD Public Key Infrastructure (PKI) Program Management Office (PMO) have received several reports from DoD services about DoD certificates chaining improperly to cross-certificates or the Common Policy Root Certificate Authority (CA). When this occurs on DoD systems, PKI validation does not work properly. Administrators should run the Federal Bridge Certification Authority (FBCA) Cross- Certificate Removal Tool v1.06 once as an administrator and once as the current user. See DoD Root Certificate Chaining Issue (PDF) for an in depth discussion of this problem and the recommended solution from Defense Information Systems Agency.

Problem behavior User can open the JKO login page (https://jkodirect.jten.mil) User selects Login using my CAC link on page User is prompted for their CAC certificate User selects a certificate and may be prompted for PIN o User enters PIN if prompted Internet Explorer displays Cannot display the page This behavior is often the result of incorrectly configured browser settings. This document shows how to correct the most common causes of the CAC login problem. NOTE: Administrative rights are required to complete some or all of the steps outlined below, depending on your local workstation policy. Please request assistance from your local help desk in completing the steps below.

TLS options Ensure only TLS v 1.0 is checked Open the Tools Internet Options menu item in Internet Explorer and then click the Advanced tab NOTE: If you are unable to open Tools- Internet Options menu item, please contact your local help desk.

Internet Explorer Certificates (requires administrative privileges) There are some certificates that are often included in Internet Explorer that cause problems accessing DoD systems via CAC. Use the DISA tool for correcting this problem. Run DISA Federal Bridge Certificate Authority Cross Certificate Remover Tool Have an administrator run DISA s Federal Bridge Certification Authority (FBCA) Cross-Certificate Remover Tool on the user s workstation. The user should then run the FBCA tool again. DISA FCBA Cross-Certificate Remover Tool (ZIP file containing EXE provided by DISA) FBCA Remover Tool User Guide (PDF user guide provided by DISA) Verify Cross Certificate Remove Tool Run Verify the FBCA Cross-certificate Remover tool placed two Common Policy certificates into the Internet Explorer Untrusted Publishers list. Open Tools Internet Options / Content tab Click the Certificates button Click the Untrusted Publishers tab (you will have to arrow to the right to see it) Verify 2 entries Issued to Common Policy

Clear SSL State Open the Internet Options Content tab and click Clear SSL state button.

Clear Browser Cache Open the Internet Options Content tab and click Clear SSL state button. Close all IE windows Have user close all IE windows Reopen IE and attempt login to JKO https://jkodirect.jten.mil via CAC For further assistance, please contact the JKO Help Desk JKO Help Desk JKOHelpdesk@jten.mil 757 203-5654 (Commercial) 668-5654 (DSN)

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information