403: Access Forbidden

Why am I getting “403: Access Forbidden” and how do I correct it?

If you receive an error reading “403: Access Forbidden” you may have a corrupt or invalid file in your temporary internet files.  Depending on the browser you’re using the method of clearing your temporary files (cache) can vary.  Search your browser’s help files on how to delete its cache and cookies.  Once you have cleared the browser cache close all your browser windows and restart AKO/DKO in a new window.

Clear Cache on Internet Explorer 7.0

  • Open the ‘Tools’ menu and select ‘Internet Options’
  • On the ‘General’ under ‘Browsing History’ click ‘Delete…’
  • Delete your Temporary Internet Files and Cookies
  • Close your options windows and browser windows

If you are still having issues you can follow the below steps to ensure your browser is configured properly for AKO access.  These steps will likely only be necessary on a home PC.  The following three instructions are all under the ‘Internet Options’ window that you accessed in the previous step.

Verify Trusted Sites

  • Click the ‘Security’ tab
  • Click the ‘Trusted Sites’ icon
  • Click the ‘Sites’ button
  • In the list labeled ‘Websites’ highlight the option https://akocac.us.army.mil and click the ‘Remove’ button.
  • In the ‘Add This Website’ text box type: *.army.mil
  • Click ‘Add’
  • Click ‘Close’

Turn off your Pop-Up blocker

  • Click the ‘Privacy’ tab.
  • Near the bottom of the page you will see a check box to turn your pop-up blocker on and off.
  • Clear Old CAC Certificates
  • Click the ‘Content’ tab.
  • Click the ‘Certificates’ button.
  • Select any certificate that is expired (There are at least three per CAC) and select ‘Remove’
  • Click ‘Close’

Clear SSL State

  • Click the ‘Content’ tab.
  • Click the ‘Clear SSL State’ button.
  • Click Ok to confirm.
  • FIPS (Federal Information Processing Standards) compliance
  • Click the ‘Advanced’ tab.
  • Scroll in this window to the ‘Security’ section.
  • Verify the following:
  • SSL 3.0 checked
  • TLS 1.0 checked
  • SSL 2.0 unchecked
  • Click Apply
  • Click Ok

Disable “Third Party Browser Extensions”

  • Click the ‘Advanced’ tab.
  • Scroll in this window to the ‘Browsing’ section.
  • Find the phrase “Enabled third-party browser extensions” and uncheck the box next to it.
  • Click Ok.
  • Once you’ve followed the above steps you will need to close all open browser windows.  When you launch a new window manually type the address www.us.army.mil into the address bar instead of using a link or other shortcut.

You may also need to install the DoD Root Certificates or ActivClient if browsing to AKO from home.  For the following steps first log in to AKO; the Quick Links menu runs along the top of the page.

Install DoD Root Certificates

  • Open the Quick Links menu.
  • Click ‘CAC Resource Center’
  • Click Step 3 on the left; ‘DoD Certificates’
  • Click the hyperlink titled ‘InstallRoot 3.15a’
  • Click Run
  • After installing close your browser and launch a new one to try again.

ActivClient Installation (only for users who do not have ActivClient installed)

  • Open the Quick Links menu.
  • Click ‘CAC Resource Center’
  • Click ‘Install ActivClient’ on the right.  Note that this is available only to full account holders.

Leave a Reply

Your email address will not be published. Required fields are marked *