Re: SCR 243 problems SOLVED!!! (was: Re: [Fed-Talk] More SCR243problems)
Re: SCR 243 problems SOLVED!!! (was: Re: [Fed-Talk] More SCR243problems)
- Subject: Re: SCR 243 problems SOLVED!!! (was: Re: [Fed-Talk] More SCR243problems)
- From: email@hidden
- Date: Tue, 9 May 2006 16:05:04 +0000 GMT
- Importance: Normal
- Sensitivity: Normal
So your situation is the old CAC viewer can read the card, but the certs don't show up in keychain access?
Don Slife, CISSP
Office: 210 320-0410
Cell: 210 379-5188
-----Original Message-----
From: Mark Litkowski <email@hidden>
Date: Tue, 09 May 2006 11:43:27
To:Don Slife <email@hidden>
Cc:Fed Talk <email@hidden>
Subject: Re: SCR 243 problems SOLVED!!! (was: Re: [Fed-Talk] More SCR243
problems)
Ok,
So can anyone please boil it down for the least common denominator type people like me? I have a Powerbook G4 with an SCR243. All I can seem to do is get the old Common Access Card Viewer to work, and nothing else. Could you make it a checklist like:
1. Go to Terminal
2. Type in blah, blah blah
3. Go to Key Chain, blah
4. Go to Safari, blah
I don't mind looking like an idiot, as long as it will help me get what I need.
Thanks,
Mark
On 5/9/06, Don Slife <email@hidden: <mailto:email@hidden> > wrote: All,
Nothing like reading source code late at night to figure out
what's going on! Here is the problem I was having and how I solved it.
NOTE: I did reload all the SmartCard files from a known good source
to make sure I hadn't mucked anything up before I started this.
To recap:
My pcscd would die a few minutes after I inserted the card reader in
the slot. The low level driver was working because it would report
card insertion events when I put the CAC into the reader, but I never
saw anything in the keychain.
What was happening is pcscd would start, look for a reader it knew
about, not recognize my reader and then exit.
The solution:
In /usr/libexec/SmartcardServices/drivers/SCR24Hndlr.bundle/Contents/
Info.plist there are two keys that pcscd uses to identify the
reader. They are ifdVendorID and ifdProductId
In the distribution version of the file they are
<key>ifdProductID</key>
<string>0xffff</string>
<key>ifdVendorID</key>
<string>0x04e6</string>
A bit of digging through the source shows that pcscd maps the
VendorID of the pcmcia card to VendorId and the DeviceId of the card
to ProductID
System profile shows that for the card I have
DeviceID: 1
VendorID: 65535
Thus, changing the Info.plist to
<key>ifdProductID</key>
<string>0x0001</string>
<key>ifdVendorID</key>
<string>0xffff</string>
made pcscd happy, and now my keys show up in keychain access.
For further research (for someone NOT me!)
1) Why do the values from my card (ActivCard model ZFG-9818-AA)
disagree with the values in the file from Apple?
2) How can this be fixed so "it just works" like a mac should?
I hope this helps.
Donald A. Slife, CISSP
SDS International
On May 8, 2006, at 12:35 PM,
email@hidden: <mailto:email@hidden> wrote:
> Tim got it right. A dongel is a pain with a laptop!
>
> While I appreciate the issues people are having with the new intel
> mac's I'm still stuck getting this working on this (non intel) laptop.
>
> If anyone has one working and is willing to answer a few questions,
> I THINK I might know part of the problem. I'll summarize what I
> find for the list.
>
>
>
> Don Slife, CISSP
> Office: 210 320-0410
> Cell: 210 379-5188
>
>
> -----Original Message-----
> From: "Timothy J. Miller" <email@hidden: <mailto:email@hidden> >
> Date: Mon, 08 May 2006 09:28:25
> To:"Carlsen, David D. Contractor" <email@hidden: <mailto:email@hidden> >
> Cc:Don Slife <email@hidden: <mailto:email@hidden> >, Fed Talk < email@hidden: <mailto:email@hidden> >
> Subject: Re: [Fed-Talk] More SCR243 problems
>
> Carlsen, David D. Contractor wrote:
>
>> Why is it again that you are using the SCR243? Perhaps it's time
>> to switch
>> to an SCRx31. I don't think they're that expensive.
>
>> I'm using an SCR531 and have had success in setting it up for use
>> in email &
>> login on the Mac side and login using VPC.
>
> Because the SCR243 is a PCMCIA reader, which is a heck of a lot more
> convenient in a PowerBook than a dangly USB reader. :)
>
> The *real* question is what to do on the new MacBook Pros; I don't
> know
> of any card reader that will work in an ExpressCard/34 slot. Apple
> *really* should have stuck with /54.
>
> -- Tim
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden: <mailto:email@hidden> )
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
: <mailto:email@hidden>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden
: <mailto:email@hidden> )
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden: <mailto:email@hidden>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden