Re: [Fed-Talk] CAC on Leopard
Re: [Fed-Talk] CAC on Leopard
- Subject: Re: [Fed-Talk] CAC on Leopard
- From: Michael Smith <email@hidden>
- Date: Wed, 05 Dec 2007 15:52:48 -0500
- Thread-topic: [Fed-Talk] CAC on Leopard
Title: Re: [Fed-Talk] CAC on Leopard
Michael,
Have you been able to get CAC working with PKCS type applications, such as Firefox, yet?
Mike Smith
--
Michael Smith
Remote Sensing GIS Center
CRREL - ERDC
US Army Corps of Engineers
Hanover, NH
On 12/5/07 3:30 PM, "Michael Chute" <email@hidden> wrote:
I will relate my experience and how I got mine working. I have a Gemplus GXP3 64V2N card and an ActiveCard reader flashed with SCM 5.25 on a Mac Pro. After performing my archive and install my cac ceased to work (was fine under tiger). My reader wouldn’t even blink (it had been previously flashed with version 5.22 of SCRx31). I decided to check it under my boot camp installation and found that it wasn’t even registering as a SCM cac reader, it was something like DFU I have no idea how it got “unflashed” but it was attached during installation...I downloaded the 5.25 firmware to flash it, but that didn’t work said it couldn’t find a reader. I then went back and re-flashed it with the 5.18, which worked, then flashed it again with the 5.25 which then worked. I then booted back into MacOS and now my reader would flash when I inserted the card. However the CAC wouldn’t work with INFOSEC so PKI wasn’t working. I opened Keychain access and noticed that the x509 anchors was missing from the list so I added it from /System/Library/Keychains. I also noticed that the X509 certs keychan was shown, but was locked, couldn’t be unlocked, and the icon on the left of the name was missing. I went into the previous systems folder migrated to /System/Library/Keychains and copied it back into the current /System/Library/Keychains. As soon as I did that everything started to work again. My CAC works just like it did in Tiger now. I don’t know if this will help others, but it worked for me.
M.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden