How to Install DOD Root Certificates in Google Chrome on Linux (Ubuntu)
If you are teleworking from home and you are a US Government employee or Contractor and your agency is using VDI. You need the DOD PKI SSL…
If you are teleworking from home and you are a US Government employee or Contractor and your agency is using VDI. You need the DOD PKI SSL Certificates installed in order to be able to get to your Virtual Desktop using your CAC card. You need a Smart Card Reader and the software.
OS + Browser: Ubuntu 24.04LTS and Google Chrome 127.0.6533.119
Hardware: Lenovo Yoga 7, 16GB RAM, 13th Gen Intel® Core™ i5–1335U
Buy a SmartCard Reader: https://tinyurl.com/sheastechscreader
2. Install and Configure Ubuntu 24.04LTS (or Latest LTS Release on a Laptop) https://youtu.be/-3q9bQC7h3o?si=sFGrCW4hv7zQZm0x
3. After your laptop is up and running and purring like a kitten. Install Google Chrome: https://www.google.com/chrome/
4. Configure Your Terminal
sudo apt-get install update && sudo apt-get install upgrade -y
sudo apt install pcsc-tools opensc pcscd unzip coolkey -y
Run this command if you run into dependency issues only
sudo apt-get install --fix-missing
5. Download the VMware Horizon Client. NOTE: VMware has been purchased by Broadcom and it has been a very challenging and problematic transition. URL’s are all over the place right now. Here is the main Broadcom Knowledge Base Article for the links:
https://knowledge.broadcom.com/external/article?legacyId=97841
https://knowledge.broadcom.com/external/article?articleNumber=312833
Here is the most recent (as of August 2024) Direct Linux Client. OMNISSA is the URL redirect instead of Broadcom.
cd Downloads
sudo dpkg -i VMware*
You are going to get an X11 Display error since Ubuntu 24.04 LTS uses Wayland as a native Display login.
6. Download and import your DOD PKI SSL Certificates into Google Chrome.
https://public.cyber.mil/pki-pke/end-users/getting-started/linux/
Go to the terminal and unzip the files so that you can import them into the Managed Certificates keystore.
unzip unclass*
7. Click on the 3 dots on the right of Chrome and Click on Settings
8. Click on Privacy and Security
9. Click on “Security”
10. Scroll down the page and click on “Managed Certificates”
11. Click on Authorities and then click on “Import” (Do not import into the wrong place)!
12. Reboot your computer.
13. Make sure that you remove your smart card from the reader if you are logging in or the computer will try to login with the smart card.
14. Launch Google Chrome (it may prompt you to unlock your Smart Card). Type your pin and unlock it. This will allow the browser to access your smart card to authenticate the PKI SSL Certificates on your Smart Card to access the DOD website.
Your welcome little buddy. ;-)