Search MilitaryCAC:

Site Map

  MilitaryCAC.com logo

.com | .us | .ml  | .mobi | .net | .org

 

The Definitive Source for Everything CAC

Common Access Card help for your

Personal Computer

 

Make a Donation button image

 

 

PERSONAL IDENTITY VERIFICATION (PIV) ACTIVATION INFORMATION PAGE (including updating Email address on CAC) 64bit / 32bit

 
Enterprise Webmail link:

https://web.mail.mil

    

All Army personnel (previously only Dual Persona) users have to activate the PIV on their CACs (click these 64bit / 32bit links for specific instructions). 

 

Previously, only Dual Persona user needed to activate their PIV to be able to access their Enterprise Email account(s).

 

The Army is pushing for everyone to expose their PIV now, to make you ready.  You will be able to login to any EAMS-A websites with your ID, PIV, or Email certificate. 

 

NOTE:

Between October 2019 and February 2020 everyone in the Army was migrated to PIV AUTH certificate for Email access.  You will no longer use your Email certificate for Enterprise Email.

 

Signing PDFs will still only work with ID or Email. The PIV won't show up in Adobe.

 

NOTE:  All Army CACs issued since end of month (EOM) February 2018 have the PIV already activated.  This page is for anyone with a CAC issued prior to EOM February 2018.  (Follow these 64bit / 32bit links for instructions).

 

Accessing web.mail.mil [for dual persona users] requires the steps below and an existing DoD Enterprise Email address

 

Windows Installation Steps

Step 1: Obtain a CAC Reader
Step 2: CAC Reader driver
Step 3: DoD Certificates
Step 4: ActivClient  The built in Smart Card ability of Windows 8 & 8.1 will not see the PIV certificate.  Windows 10 will only see the PIV and Email
Step 4a: Update ActivClient
Step 5: IE adjustments
Step 6: Select the PIV certificate when prompted

 

Example, select U.S. Government PIV, NOT the DOD EMAIL certificate
PIV image

Windows 10 users will see this
Win10 cert selection

A PIV is comprised of your 10 digit DoD ID # followed by 6 more digits

 

The 1st digit is the Organizational Category

1 = Federal Government Agency

2 = State Government Agency

3 = Commercial Enterprise

4 = Foreign Government

Source:  Paragraph 5.1.5.2.8 https://www.dmdc.osd.mil/smartcard/docs/DoD%20PIV%20Transitional%20Implementation%20Guide.pdf

 

The 2nd through 5th are the Agency Code

2100 = Department of the Army

5700 = Department of the Air Force

1700 = Department of the Navy

1727 = Department of the Navy - US Marine Corps

9700 = Department of Defense - Other Agencies

7008 = US Coast Guard

7520 = US Public Health Service

1330 = National Oceanic and Atmospheric Administration

Source:  Paragraph 5.1.5.2.1  https://www.dmdc.osd.mil/smartcard/docs/DoD%20PIV%20Transitional%20Implementation%20Guide.pdf

 

The 6th position is the Person / Organization Association Category

1 = Employee, example: NAF (Non Appropriated Funds)

2 = Civil, example:  CIV / LN (Civilian / Local National)

3 = Executive Staff

4 = Uniformed Service, example: MIL (Military)

5 = Contractor CTR (Contractor)

6 = Organization Affiliate, example: NFG / Volunteer / Foreign Military (Non-Federal Government)

7 = Organization Beneficiary

Source:  Paragraph 5.1.5.2.10  https://www.dmdc.osd.mil/smartcard/docs/DoD%20PIV%20Transitional%20Implementation%20Guide.pdf

 

 

Mac users needing to select their PIV certificate need to select the non Email certificate and scroll down to verify the NT Principal Name.  It will be your 10 digit DoD ID # followed by the 6 digits broken down above.  If you don't see NT Principal Name, select the other non email certificate.  If you don't see another option, then you may need to find a Windows computer and reactivate your PIV cert again.

.
NTPrincipalName

Mac Users - The ability to activate your PIV is NOT possible on the Mac OS.  You need to find a Windows 10 computer (maybe at your unit), or virtualize Windows and then follow the information on this page..

Chrome and Linux Users - The ability to activate your PIV is NOT possible in Chrome or Linux OS.  You need to find a Windows 10 computer (maybe at your unit), or virtualize Windows and then follow information on this page.

How to activate your PIV Certificate on your CAC on a Windows 10 computer with ActivID 7.1.0.153

 

 

 

 

Question / Problem: How do I "add" a PIV certificate to my CAC, so, I can access my DoD Enterprise Email, or I'm being directed to do it?  Technically, the PIV certificate is already on your CAC, but is hidden by default.  This may be a reason why you cannot access your webmail. 

.

Some information: 

--Your system needs to be all 32 bit or all 64 bit, which means:

 

 

PIV Activation on a 64 bit Windows Computer

 

Reminder:  All Army CACs issued since 1 March 2018 have the PIV already activated.  This information is for anyone with a CAC issued prior to 1 March 2018.

 

Information:  The same settings are required to change your email address on your CAC.

.

NOTE: This process will NOT work with the built in Smart Card utility in Windows 10, 8.1, or 8.  It requires ActivClient / ActivID on the Windows computer

 

PIV Activation Step 1- Install ActivClient / ActivID

 

-64 bit ActivID 7.1.0.153 (Windows 10, 8.1, & 8 users)

 

PIV Activation Step 2- Install 64 bit Java from https://java.com/en/download/manual.jsp, Select: Windows Offline (64-bit) using Internet Explorer

 .

PIV Activation Step 3- Add 3 web addresses to:  Control Panel > Java > Security (tab) > Edit Site List:   https://pki.dmdc.osd.mil, https://www.dmdc.osd.mil, and https://idco.dmdc.osd.mil

 

PIV Activation Step 4- In Internet Explorer 11 (this process will NOT work with other web browsers), Select Enable 64-bit processes for Enhanced Protected Mode* [in Internet Options, Advanced Tab] to run IE in 64 bit mode.  By default, IE 11 runs in 32 bit mode.  More information can be read here. 

 

PIV Activation Step 5-  Visit https://www.dmdc.osd.mil/self_service  after watching video above

 

NOTE:  I have had one report that adding dmdc.osd.mil to the trusted sites in Internet Explorer helped them.

 

 

 

PIV Activation on a 32 bit Windows Computer

 

Reminder:  All Army CACs issued since 1 March 2018 have the PIV already activated.  This information is for anyone with a CAC issued prior to 1 March 2018.

 

Information:  The same settings are required to be change your email address on your CAC.

 

NOTE: This process will NOT work with the built in Smart Card utility in Windows 10, 8.1, or 8.  It requires ActivClient / ActivID on the computer

 

PIV Activation Step 1- Install ActivClient / ActivID

 

-32 bit ActivID 7.1.0.153 (Windows 10, 8.1, & 8 users)

 

PIV Activation Step 2- Install Java from https://www.java.com using Internet Explorer

 

PIV Activation Step 3- Add 3 web addresses to:  Control Panel > Java > Security (tab) > Edit Site List:   https://pki.dmdc.osd.mil, https://www.dmdc.osd.mil, and https://idco.dmdc.osd.mil

 

-32 bit Internet Explorer (this process will NOT work with any other web browser) (Start, All Programs, Internet Explorer) Windows 8, do NOT use the IE from the tiles menu

 

PIV Activation Step 4-  Visit https://www.dmdc.osd.mil/self_service  after watching video above

 

NOTE:  I have had one report that adding dmdc.osd.mil to the trusted sites in Internet Explorer helped them.

 

 

Immediately after your PIV is activated, remove your CAC from the reader, then reinsert it.  You "should" now see 4 certificates when looking in Internet Explorer, Tools, Internet Options, Content (tab), certificates (button), Personal (tab).

 

 

Non-Solution for Mac Users:  I have not found any way for you to activate your PIV using a Mac.  The recommended method is to find a Windows 10 or 8.1 / 8 computer and follow Instructions above.

 

 

Solution 2:  DMDCs Self Service website is working better now than it did originally for activating users PIV authentication certificate. 

 .

 

 

Question:  What exactly is "Dual Persona?"

 

Answer:  The easiest way to explain is to give you an example:  an Army Reserve [or Guard] Soldier who is also a DoD civilian [or contractor] who is authorized [or required] to have / carry / use two separate CACs.  We have found people who were previously a contractor [or civilian] during the past three to five years [even if they left the job a year ago] are still classified as a Dual Persona in the eyes of DMDC and DISA.

 

Individuals that fall into this category HAVE to activate their PIV certificate to be able to access their email in the DoD Enterprise Email.  If you want to validate this prior to going through this process.  Call the Army Enterprise Service Desk-Worldwide at 866-335-2769 and select Enterprise Email.  Ask the agent to look in DEPO to verify if you are PIV AUTH.

 

 

 

Question:  What do I do if I add PCC to UPN on my CAC on the DMDC Self Service website, resulting in a .letter after my DoD ID number?  This renders the certificate useless for Army personnel.  This is not the case for other branches of the military.

 

Answer:  Follow this guide to remove the PCC from UPN on your Army CAC

 

 

 

 

NOTE:  Java 7 update 71 was the last version that had the ability to slide the Security bar to Medium.  This is needed for the DMDC Self Service (PIV activation) site to work, read more here.  You can update to the current version of Java once you activate your PIV cert.

 

Download Java 7 update 71 (64 bit) from MilitaryCAC

 

Download Java 7 update 71 (32 bit) from MilitaryCAC 

 

 If you have questions or suggestions for this site, contact Michael J. Danberry

Disclaimer

 

ACRONYM Reference Page

 

GoDaddy Site Certified seal

.

Last Update or Review:  Sunday, 03 April 2022 12:49 hrs

 

The following domain names all resolve to the same website:  ChiefsCACSite.com, CommonAccessCard.us, CommonAccessCard.info, & ChiefGeek.us