DoD PKE InstallRoot and CRLAutoCache Configuration Files Have Moved!

The DISA-hosted files used to provide automatic configuration information and updates to InstallRoot and CRLAutoCache for Windows and Linux on unclassified systems have moved from the decommissioned IASE web site to the Global Directory Service (GDS) at  Any instances of these tools running on unclassified systems and utilizing the default DISA-hosted configuration files must be reconfigured to point to the new hosting locations for the configuration files.

Relocated files include:

  • CRLDP files used by CRLAutoCache for Windows and Linux, formerly hosted at:[file-name][file-name]

  • DNLookUpTable files used by CRLAutoCache for Windows, formerly hosted at:[file-name][file-name]

  • .ir4 files used by InstallRoot, formerly hosted at:[file-name][file-name]

These files are now available at[file-name] .  The file names themselves remain unchanged.  A complete listing mapping the former IASE file locations to the new GDS file locations is available here.

CRLAutoCache for Windows – See the Editing CRLAutoCache Source Locations guide for instructions on updating URLs for both CRLDP and DNLookUpTable files.

CRLAutoCache for Linux – Search for and update the URL values for the following within





For individual installation modifications, see the Editing Certificate Group Locations for InstallRoot via the GUI guide.

For enterprise deployment modifications, the registry key values can be updated via GPO.  Target HKCU or HKLM based on the context within the tool is configured to run.  Substitute the specific version number being run in the environment (e.g. 5.3) for 5.X, and include a separate entry for each group managed by the tool (DoD, ECA, JITC and/or WCF).

Within [HKLM or HKCU]\SOFTWARE\DoD-PKE\InstallRoot\5.X\Groups\[Group_Name], update the URL Multi-String value to the new GDS URL (e.g. for the DoD group).