If you have recently received a new CAC (or certificates) and receive the following errors:
Your client is not allowed to access the requested object. (in INTERNET EXPLORER)
Go to their MSIE (Internet Explorer) and click Tools then Internet Options…
From the Internet Options Window click on the Content tab
On the Content tab have the caller click on Certificates
On the Personal tab you will see the certificates installed on the pc. (If these are missing they will need to Register your Certificates )
Click on the
If the root is not installed you should have the caller go to the PKE Registration help page to download the roots.
Using MSIE have the customer go to http://ges.dod.mil/registrationhelp.html and download the InstallRoot v2.16A and InstallRoot v2.16B (NOTE They can also download from: https://gesportal.dod.mil/sites/DODPKE/ (under the PKE Tools section)
https://infosec.navy.mil (left hand column of main page)
https://afpki.lackland.af.mil/ (under Resources ŕ Downloads)
Save each zip file to the desktop
Double click on the zip file then double click on the exe file. (You will do this for both InstallRoot v2.16A and InstallRoot v2.16B)
A DOS window will open and the caller will continue to click on Yes.
When the executable has finished installing the roots they will see the message “Type the return key to terminate.”. They will then press the Enter key on their keyboard.
Go back to MSIE Tools/Internet Options/Contents/Certificates/ICA tab and verify the new roots are installed.