Re: [Fed-Talk] NMCI/PKI - FAQ? How-to?
Re: [Fed-Talk] NMCI/PKI - FAQ? How-to?
- Subject: Re: [Fed-Talk] NMCI/PKI - FAQ? How-to?
- From: Duane and Julie <email@hidden>
- Date: Fri, 17 Feb 2006 14:20:35 -0800
Scott,
Sorry about the delay in replying. It turns out that I somehow entered the wrong PIN three times, and now my card is locked. I had intended to get it reset (2 minute exercise) but get this:
There is ONE card reader on base (5,000 people).
All the soft certificates have expired or will soon.
The sole reader is BROKEN, and has been for at least two weeks (that I'm aware of).
I can't get a date for when it WILL be fixed: they are waiting for paperwork!
In the mean time, I can insert the card, it reads it and I can look at the certificates. And that's it. I can't go anywhere to try anything.
Basically, I'm currently useless for the foreseeable future and boy, do I need a vacation!
duane
On Wednesday, February 15, 2006, at 12:09PM, Scott Cote <email@hidden> wrote:
>Duane,
> We are trying to get this to work for us... With this solution, we
>can sign but not encrypt yet... Can you encrypt?
>Thanks!
>Scott
>
>On Feb 14, 2006, at 5:43 PM, Duane & Julie wrote:
>
>> I was given an ActivCard reader to use, and my co-worker discovered
>> something about them: the firmware needs to be updated before it
>> will work with Mac OS X. We did that and we can now read CACs.
>>
>> Just a little gotcha that nobody tells you...
>>
>> duane
>>
>> On Feb 14, 2006, at 5:30 AM, Michael Kluskens wrote:
>>
>>> You will need to specify what card reader you are using.
>>>
>>> On Feb 14, 2006, at 7:36 AM, IT3 Stuart Blake Tener, USN wrote:
>>>
>>>> I have a PowerBook G4 17" w/1.5GB RAM/80GB HD and a Verizon Wireless
>>>> Broadband card that I use for Internet Access. That said, I would
>>>> like to be
>>>> able to access at the minimum webmail.nmci.navy.mil, and at the
>>>> most be able
>>>> to POP/IMAP my email with an appropriate email client. I have
>>>> successfully
>>>> setup the CAC Readers on PCs, but have been struggling to use a
>>>> CAC reader
>>>> on the Mac.
>>>
>>>
>>> In OS X 10.4.x CAC card support is built in. If you install the
>>> ActivCard software you will likely break that built-in support.
>>>
>>> As a test, connect your card reader to your machine, insert your
>>> card, and then launch Keychain Access. If you are already
>>> configured then an extra item will appear in the upper left pane
>>> (Keychains), mine is labeled "smart card #2", you may have to
>>> press a button labeled "Show Keychains" which is located at the
>>> bottom left of the window. At a minimum the keychain pane should
>>> list the following keychains: "shortusername", X509Anchors,
>>> System, X509Certificates.
>>>
>>> Also, it might be neccesary to follow the following instructions
>>> (may have been fixed since the first release of OS X 10.4):
>>>
>>>>> -- Federal Customers within DoD will need to add the
>>>>> "X509Certificates" to the list
>>>>>
>>>>> a) Launch Keychain Access
>>>>> b) Select "Edit -> Keychain List"
>>>>> c) Select "Show: Mac OS X (System)"
>>>>> d) Check "Shared" checkbox next to
>>>>> "X509Certificates" (/System/Library/Keychains)
>>>>> e) X509Certificates will now appear in the Keychains
>>>>> List and will be available for
>>>>> Intermediates for the whole trust path
>>>>> validation.
>>>
>>> Also, try the archives for more info, search for messages by Shawn
>>> Geddis since the release of Tiger for quickest results. I posted
>>> a message yesterday with two of his messages attached.
>>>
>>> Michael
>>>
>>> _______________________________________________
>>> Do not post admin requests to the list. They will be ignored.
>>> Fed-talk mailing list (email@hidden)
>>> Help/Unsubscribe/Update your Subscription:
>>> 40mac.com
>>>
>>> This email sent to email@hidden
>>
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Fed-talk mailing list (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
>
>
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden