Why are all military websites marked as "not secure" by web browsers?

2018-06-18T20:41:16-04:00

With all the money DoD spends on these websites, you'd think that they'd be able to figure out a solution to this situation. Why do they have to make it additionally hard for you to access almost all .mil websites by clicking "continue anyway"? Even then sometimes it doesn't work and I can't access the website from home, such as MEDPROS or AIM2.

Response by SFC Marc W. made Jun 18 at 2018 9:04 PM

2018-06-18T21:04:11-04:00

Because they create what we see and go "good enough for government work".

Response by SSG Private RallyPoint Member made Jun 18 at 2018 9:04 PM

2018-06-18T21:04:39-04:00

I can’t access my technician pay system from home because of stuff like this so I can’t be sick when it’s time to do our pay.

Response by SGT Joseph Gunderson made Jun 18 at 2018 9:28 PM

2018-06-18T21:28:17-04:00

military sites utilize a different kind of security certificate that most web browsers, unless you have downloaded certain plugins, won't recognize. It isn't that the site is actually insecure rather you browser thinks that it is because it doesn't understand the codes.

Response by SGT Private RallyPoint Member made Jun 18 at 2018 11:51 PM

2018-06-18T23:51:33-04:00

DoD's Root Certificate Authority (CA) is not published to the public, it only available with in DISN (DoD Information Systems Network). So when you are visiting a DoD sponsored website like MEDPROS, or AIM2 from the out side of DISN (public ISP (Internet Service Provider), or internet). You have to force the browser to trust the unverified digital certificate. Or you can manually install the DoD Root certificates, which you can get from AKO.

Response by SGM Bill Frazer made Jun 19 at 2018 11:33 AM

2018-06-19T11:33:33-04:00

I would expect an O2 to think better- hell sir, the attempts to hack into the Govt is staggering- and DOD, etc., are quite frequently penetrated.