Re: [Fed-Talk] CAC and Leopard
Re: [Fed-Talk] CAC and Leopard
- Subject: Re: [Fed-Talk] CAC and Leopard
- From: Michael <email@hidden>
- Date: Mon, 17 Dec 2007 16:11:37 -0500
Unless there is another report that the Axalto card does or does not
work with the SCR331 reader, I'd recommend another test.
Create a new account on the machine and try the card with Keychain
Access.
This gives you a mostly clean slate to test with.
Inserting the card should cause a number of actions which one would
assume includes accessing any number of items in your keychain as it
looks for the certs related to the keys on your CAC card. For that
matter even your certs on your CAC card could be the problem. I have
seen and heard of a number of errors in CAC cards, ones I remember are
one or no certs and wrong email address tied to a cert, niether of
those would cause a crash but that does not eliminate the possibility.
I have also seen where a corrupted cert can crash Keychain Access only
when you clicked on it and another cert that prevented program access
all certs below it in the list -- it took me a long time before I
figured out why some signatures were valid and some weren't.
Michael
On Dec 17, 2007, at 2:27 PM, Hare, Lawrence CTR USA USAMC wrote:
Oh dear, so it seems we can add the Axalto card to the Oberthur as a
problem child. Is there any way we can push this issue? Why does
your card work and mine not, I wish I could try yours on my reader
to see if it is my machine or truly the Axalto I have. Why would it
be a card issue?
Safari and Keychain go into total revolt when I insert this card,
and it is a key requirement that this work for me. How can I get
this resolved, any ideas?
Does anyone else have an Axalto and is it working under Leopard?
Thanks - Lawrence
On Dec 17, 2007, at 2:04 PM, Michael wrote:
Yes, lots of people have the CAC cards working under Leopard.
I have SCR331 firmware 5.18 with a GEMPLUS GXP3 64V2N card.
Working fine.
The only problem I have seen stated is the Oberthur card with
SCR331 card reader.
Michael
On Dec 17, 2007, at 1:09 PM, Hare, Lawrence CTR USA USAMC wrote:
Well - I stand corrected, thanks, that could not have been easier!
It says I have an SCR331 firmware version 5.18. Would that be the
problem?
I fiddle with the Smart Card reading stuff over on my PC and it
tells me that I have an Axalto card, Cyberflex Access 64K V2c.
Would this imply that the card itself is an innocent? The message
I saw previously stated that the Oberthur might be a problem.
Does anyone actually have this working on Leopard?
Thanks for the help.
Lawrence
On Dec 17, 2007, at 12:28 PM, Mike Jackson wrote:
Run system profiler. Drill down in the USB section to find out..
-- Mike Jackson Senior Research Engineer
Innovative Management & Technology Services
On Dec 17, 2007, at 12:24 PM, Hare, Lawrence CTR USA USAMC wrote:
Well - nothing is easy! I know I checked this before, I think
via Parallels, but now it refuses to tell me. I plugged the
blasted reader into a PC and ran the advanced diagnostics and it
tells me everything about the thing EXCEPT the version, it
reports that the Vendor IFD Version is 0.0.0. I tried the same
diagnostics on the HP CAC reader and it told me everything,
including the version.
It was, I thought, the latest firmware when I started using it
on Tiger, which is an age ago.
Is there any way on the Mac to get the version, some Terminal
command that queries it?
Thanks - Lawrence
On Dec 17, 2007, at 11:59 AM, Damien Weiss wrote:
What's the version of the firmware on the CAC reader? Check to
see if it's the most current (which if I remember correctly, is
5.25).
Thanks,
Damien
On Dec 17, 2007, at 11:48 AM, Hare, Lawrence CTR USA USAMC wrote:
I have just run into this issue and I just wish I had known
about it before upgrading to Leopard. I am running 10.5 and
using a SCR331 CAC reader. This all worked fine with Tiger but
I am now unable to get to any device requiring CAC
authentication and I urgently need this to work.
Keychain crashes most of the time but when it comes up it
opens a window with no content on the right. I see my CAC on
the top of the Keychains pane, but there is nothing that can
be done with it. If I remove the CAC card from the reader
Keychain behaves normally. Safari either crashes or opens a
normal login window which is useless. Normally I get the CAC
pin request, and I did once, but Safari then crashed again.
Is there any solution that anyone is aware of or any hope that
this will be fixed realSoonNow?
Thanks - Lawrence Hare
_______________________________________
Lawrence Hare
GFEBS Systems Engineer Process Manager
(o) 703 682 3415
(c) 301 351 5439
email@hidden
http://GFEBS.army.mil/
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________
Lawrence Hare
GFEBS Systems Engineer Process Manager
(o) 703 682 3415
(c) 301 351 5439
email@hidden
http://GFEBS.army.mil/
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________
Lawrence Hare
GFEBS Systems Engineer Process Manager
(o) 703 682 3415
(c) 301 351 5439
email@hidden
http://GFEBS.army.mil/
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
Michael
---
"Producing a system from a specification is like walking on water--
it's easier if it's frozen."
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________
Lawrence Hare
GFEBS Systems Engineer Process Manager
(o) 703 682 3415
(c) 301 351 5439
email@hidden
http://GFEBS.army.mil/
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
Michael
---
"Producing a system from a specification is like walking on water--
it's easier if it's frozen."
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden