Re: [Fed-Talk] SCM Micro SCR243 PC Card Smart Card Reader
Re: [Fed-Talk] SCM Micro SCR243 PC Card Smart Card Reader
- Subject: Re: [Fed-Talk] SCM Micro SCR243 PC Card Smart Card Reader
- From: Keven Routon <email@hidden>
- Date: Tue, 04 Apr 2006 11:21:12 -0500
I'm not having any success in recognizing my CAC card. I have a 12" PowerBook G4 with latest update (10.4.6). I'm attempting to read/import my certificates from a USB connected SCM Micro SCR331 with latest firmware and have not imported any drivers. I can use the device with my PC but I'm not able to use it with my MAC (preferred method).
Previously I was able to use soft certificates imported into Firefox, but those certificates have expired and the Navy now requires that I use the CAC card exclusively.
I attempted to follow the below instructions but was unable to locate the files specified. I therefore waited for the 10.4.6 update, but after updating this morning, I'm still not finding the CAC card.
Keven Routon
Search only in fed-talk list
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Fed-Talk] SCM Micro SCR243 PC Card Smart Card Reader
Subject: Re: [Fed-Talk] SCM Micro SCR243 PC Card Smart Card Reader
From: Travis Trupp <email@hidden>
Date: Mon, 13 Mar 2006 18:44:05 -1000
Thanks for the help!!! This worked.
Travis
On Mar 13, 2006, at 3:58 AM, Timothy J. Miller wrote:
Travis Trupp wrote:
I have a SCM Micro SCR243 PC Card Smart Card Reader/Writer. I am running Mac OS 10.4.5 on a PowerBook G4. The CAC reader will not recognize my CAC card when it is inserted. Can anyone confirm whether they have been able to get this particular CAC reader to work on a Mac? I checked the reader on a PC and it recognizes my CAC card...so I am assuming some type of software/driver problem. Any help in troubleshooting would be greatly appreciated.
1) Don't use the SCM driver. At all. If you did, get the Apple driver from a clean system and reinstall it (the SCM driver installer deletes it).
2) See the attached message for workarounds for a couple of 10.4.{0,1,2,3,4,5} bugs with PCCard readers.
3) When 10.4.6 comes out, you can undo these instructions. It will just work.
HTH, HAND. :)
-- Tim
From: Shawn Geddis <email@hidden>
Date: January 6, 2006 6:42:30 AM HST
To: Fed Talk <email@hidden>
Subject: Re: [Fed-Talk] PCMCIA CAC Reader Rec Req
On Jan 6, 2006, at 9:19 AM, Judy Woelfle wrote:
Just to follow-up with my email yesterday, the drivers for our PCMCIA reader are included in Tiger.
Judy Woelfle
-----Original Message-----
From: fed-talk-bounces+judy=email@hidden [mailto:fed-talk-bounces+judy=email@hidden] On Behalf Of Timothy J. Miller
Sent: Friday, January 06, 2006 9:16 AM
To: Wm. Cerniuk
Cc: Fed Talk
Subject: Re: [Fed-Talk] PCMCIA CAC Reader Rec Req
Wm. Cerniuk wrote:
> Looking for a PCMCIA CAC reader that provides excellent support for
> Mac
> that is also a decent one for the PC. Any recommendations? Of primary
> interest is operational support but also firmware update support.
SCM SCR243. Mac drivers on the website.
-- Tim
As many of you know, I have been 'unavailable' for quite sometime and am behind in followup to messages relating to Security / Smart Cards / ... on this list. I did, however, need to quickly jump in this conversation and try to clear this up a bit for everyone. I will grab a few clips from my upcoming Mac OS X 10.4 Smart Card Integration Guide.... the one many of you have been waiting for...
Mac OS X 10.4.x already ships with drivers for the following PC Card Smart Card Readers:
* CRYPTOCard (see note below)
* OMNIKey (CardMan 4040)
* SCM (SCR24X ==> SCR241 / SCR243)
*Note*
If you have or want to use the CRYPTOCard PC Card Reader, you will need to verify/do the following:
* If you have a relatively recent reader, it should be a "CardMan 4040" mechanism and just works as expected
* If you have one of the older versions of the reader (PC-1), make sure you retrieve the updated driver available
from CRYPTOCard as noted by Judy.
For right now, if you plan on using any PC Card reader, you will also need to do the following steps:
Supporting PC Card Smart Card Readers
* As of Mac OS X 10.4.3, there are two modifications to a system required to use the supported PC Card Readers.
To ensure the PC Card readers fully function (due to a current bug being fixed) perform the following two steps to always have pcscd launch with no conflicts.
(1) Set securityd to launch pcscd at startup time
By default, the pcscd process is started when a Smart Card Reader is connected or identified on the system. There is a current issue (as of Mac OS X 10.4.3) which prevents this dynamic process launching to take place when a PC Card reader is in use.
To have pcscd run at startup time, edit the /private/etc/mach_init.d/securityd.plist so that the "Command" key is:
<key>Command</key>
<string>/usr/sbin/securityd -s on</string>
The default plist for securityd is:
hurljo3% cat /etc/mach_init.d/securityd.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>ServiceName</key>
<string>com.apple.securityd</string>
<key>Command</key>
<string>/usr/sbin/securityd</string>
<key>OnDemand</key>
<false/>
</dict>
</plist>
(2) Move aside the CCID Class Driver from the Smart Card Services.
By default, the Smart Card services detects and supports all CCID compliant readers. There is a current issue (as of Mac OS X 10.4.3) which causes the CCID Class Driver to conflict with the communication to a PC Card-based Smart Card Reader. The Class Driver (bundle) must be moved aside to prevent this conflict. Retention of this CCID Class Driver bundle is highly suggested for when this issue has been resolved.
# mv /usr/libexec/SmartCardServices/drivers/CCIDClassDriver.bundle /usr/libexec/SmartCardServices/
** This will move it outside the driver directory and into the high-level SmartCardServices directory.
(3) Removing Smart Card Services Startup Item on machines that have been upgraded from 10.3x-10.4.x
# rm -r /System/Library/Startupitems/SmartCardServices/
To clarify about the securityd ==> pcscd process control:
Under normal conditions, once pcscd is dynamically launched (when a reader is connected to/detected on an OS X 10.4 system) Securityd will verify that there is a Smart Card Reader present and attempt to match the reader to a driver (CCID Class driver covers ALL CCID Compliant readers). Once launched, after 2 minutes with no Smart Card Reader present, securityd will kill pcscd (reduce resource overhead) and wait for another event causing it to dynamically launch pcscd again (when a card reader is reattached). Now, since we are modifying securityd.plist ("securityd -s on") to always signal securityd to launch pcscd at startup and not to kill it after 2 minutes the normal process has been short circuited.
I have all of this handled with shell scripts, but will release that at the time the guide is ready and will make it perfectly clear that they are from me 'personally' and Apple is not responsible for supporting them.
- Shawn
___________________________________________
Shawn Geddis T (703) 264-5103
Security Consulting Engineer C (703) 623-9329
Apple Enterprise Sales email@hidden
Apple Computer, Inc.
1892 Preston White Drive T (703) 264-5100
Reston, VA 20191
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
References:
>[Fed-Talk] SCM Micro SCR243 PC Card Smart Card Reader (From: Travis Trupp <email@hidden>)
>Re: [Fed-Talk] SCM Micro SCR243 PC Card Smart Card Reader (From: "Timothy J. Miller" <email@hidden>)
Prev by Date: [Fed-Talk] OS X Server Backup
Next by Date: [Fed-Talk] Microsoft releases 11.2.3 update
Previous by thread: Re: [Fed-Talk] SCM Micro SCR243 PC Card Smart Card Reader
Next by thread: [Fed-Talk] Nice Application
Index(es):
Date
Thread
Home Archives FAQ Terms/Conditions Contact RSS Lists About
Visit the Apple Store online or at retail locations.
1-800-MY-APPLE
Contact Apple | Terms of Use | Privacy Policy
Copyright © 2006 Apple Computer, Inc. All rights reserved.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden