• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: [Fed-Talk] Installing NMCI Root Certs on Mac
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fed-Talk] Installing NMCI Root Certs on Mac

  • Subject: Re: [Fed-Talk] Installing NMCI Root Certs on Mac
  • From: Shawn Geddis <email@hidden>
  • Date: Sun, 16 Jul 2006 01:20:44 -0400
On Jul 16, 2006, at 12:49 AM, James Kapple-Bland wrote:

Is there a way to install root certs for NMCI on a Mac? I am running 10.4.7 on a 17” PB G4 and I have a working CAC card and reader. I would like to access my NMCI mail through Entourage. The NMCI webmail program doesn’t support encryption of digitally signing messages. The NMCI Help Desk took me to the InfoSec page to get InstallRoot18A.exe but then I’ll have to use Virtual PC. Not the ideal situation.

If this is a no go, does anyone know how to suppress the Name Check value in Entourage? I had my PC set up for that before and could use my CAC card to encrypt/sign from my contractor mail account.

Thanks and please advise. Have a good weekend.
James

James,

No need to "Install Root Certs" for NMCI.  Mac OS X 10.4.x already has the DoD Trusted Root CA Certificates in the X509Anchors keychain which contains all of the Trusted Root CA Certificates used by the OS.  What you may not have done yet is to "enable" the "X509Certificates" via Keychain Access's Keychain List.  This keychain has the DoD Intermediate Certificates which are pre-installed by Apple.  Standard PKI trust validation would require that your system is able to validate the user/server certificate --> Intermediate certificate --> trusted root ca certificate.  If the Intermediates are not available, then the system is unable to validate the trust path.

You need to ensure you have applied all of the Microsoft updates for office which includes updates for Entourage.

Both Microsoft and Apple enforce the ratified RFCs relevant to S/MIME which requires that everything to the left of the "@" is exactly the same and is case-sensitive, hence you will not be able to override that you need to send from the same email account that is identified in your certificate. 

- Shawn
___________________________________________
Shawn Geddis
Security Consulting Engineer
Apple Enterprise Division    (Public & Private Sector)

Attachment: smime.p7s
Description: S/MIME cryptographic signature

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: [Fed-Talk] Installing NMCI Root Certs on Mac
      • From: "Timothy J. Miller" <email@hidden>
References: 
 >[Fed-Talk] Installing NMCI Root Certs on Mac (From: James Kapple-Bland <email@hidden>)

  • Prev by Date: [Fed-Talk] Installing NMCI Root Certs on Mac
  • Next by Date: Re: [Fed-Talk] Installing NMCI Root Certs on Mac
  • Previous by thread: [Fed-Talk] Installing NMCI Root Certs on Mac
  • Next by thread: Re: [Fed-Talk] Installing NMCI Root Certs on Mac
  • Index(es):
    • Date
    • Thread